eastleighvoice.co.ke Open in urlscan Pro
104.21.32.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJ...
Effective URL:
https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Submission: On May 26 via api (May 26th 2025, 8:50:38 pm UTC) from DE — Scanned from AU

Summary HTTP 245 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 42 domains to perform 245 HTTP transactions. The main IP is 104.21.32.1, located in and belongs to CLOUDFLARENET, US. The main domain is eastleighvoice.co.ke.
TLS certificate: Issued by WE1 on April 30th 2025. Valid for: 3 months.

This is the only time eastleighvoice.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	142.250.66.238 142.250.66.238	15169 (GOOGLE) (GOOGLE)
1	142.250.204.10 142.250.204.10	15169 (GOOGLE) (GOOGLE)
3	142.250.76.104 142.250.76.104	15169 (GOOGLE) (GOOGLE)
9	142.250.66.227 142.250.66.227	15169 (GOOGLE) (GOOGLE)
3	172.217.167.78 172.217.167.78	15169 (GOOGLE) (GOOGLE)
8	172.217.14.78 172.217.14.78	15169 (GOOGLE) (GOOGLE)
7	142.251.221.65 142.251.221.65	15169 (GOOGLE) (GOOGLE)
22	104.21.32.1 104.21.32.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.175.226 104.16.175.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	142.250.72.162 142.250.72.162	15169 (GOOGLE) (GOOGLE)
21	142.251.221.66 142.251.221.66	15169 (GOOGLE) (GOOGLE)
4	142.250.67.4 142.250.67.4	15169 (GOOGLE) (GOOGLE)
16	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
2	74.125.137.84 74.125.137.84	15169 (GOOGLE) (GOOGLE)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2 3	142.250.188.238 142.250.188.238	15169 (GOOGLE) (GOOGLE)
1	142.250.141.155 142.250.141.155	15169 (GOOGLE) (GOOGLE)
2	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
3	142.250.72.131 142.250.72.131	15169 (GOOGLE) (GOOGLE)
1	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
1	64.233.188.156 64.233.188.156	15169 (GOOGLE) (GOOGLE)
2	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
2 3	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
3	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	172.253.118.84 172.253.118.84	15169 (GOOGLE) (GOOGLE)
1	74.119.117.47 74.119.117.47	19750 (AS-CRITEO) (AS-CRITEO)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.29.101 104.18.29.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.158.32.75 108.158.32.75	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	108.158.32.47 108.158.32.47	16509 (AMAZON-02) (AMAZON-02)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.244.49.108 18.244.49.108	16509 (AMAZON-02) (AMAZON-02)
1	142.250.67.1 142.250.67.1	15169 (GOOGLE) (GOOGLE)
1 6	141.226.229.48 141.226.229.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	151.101.194.58 151.101.194.58	54113 (FASTLY) (FASTLY)
1 2	103.43.91.210 103.43.91.210	29990 (ASN-APPNEX) (ASN-APPNEX)
1	57.129.85.132 57.129.85.132	16276 (OVH OVH SAS) (OVH OVH SAS)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	183.177.68.211 183.177.68.211	10310 (YAHOO-1) (YAHOO-1)
11	92.223.78.30 92.223.78.30	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
9	172.217.167.110 172.217.167.110	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	52.220.85.210 52.220.85.210	16509 (AMAZON-02) (AMAZON-02)
5	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.250.188.226 142.250.188.226	15169 (GOOGLE) (GOOGLE)
1 1	124.146.153.151 124.146.153.151	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	116.202.167.156 116.202.167.156	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
1 3	23.108.103.10 23.108.103.10	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
1	193.200.65.6 193.200.65.6	6681 (giveme-cl...) (giveme-cloud GIVEME CLOUD SP Z O O)
1 1	204.62.12.209 204.62.12.209	46636 (NATCOWEB) (NATCOWEB)
1 1	57.128.210.69 57.128.210.69	16276 (OVH OVH SAS) (OVH OVH SAS)
1	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
245	53

5 142.250.66.238 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.167.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.14.78 (United States)

ASN15169 (GOOGLE, US)
PTR: lax17s38-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.221.65 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.21.32.1 (None, )

ASN13335 (CLOUDFLARENET, US)

eastleighvoice.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
publish.eastleighvoice.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.175.226 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.72.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lax17s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.67.4 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.137.84 (United States)

ASN15169 (GOOGLE, US)
PTR: dy-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.188.238 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lax31s15-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.141.155 (United States)

ASN15169 (GOOGLE, US)
PTR: dd-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.72.131 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lax17s49-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.188.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f156.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.78 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.8.35 (Sydney, Australia) 2 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.47 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-75.syd3.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.158.32.47 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-47.syd3.r.cloudfront.net

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.49.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-49-108.cgk50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net

bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.229.48 (Singapore) 1 redirects

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sg-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.58 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.91.210 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.129.85.132 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3249663.ip-57-129-85.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.177.68.211 (Hong Kong)

ASN10310 (YAHOO-1, US)
PTR: e2-ha.ycpi.aue.yahoo.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 92.223.78.30 (Sydney, Australia)

ASN199524 (GCORE G-Core Labs S.A., LU)

scripts.yehtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.167.110 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.85.210 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-85-210.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.188.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lax31s15-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.151 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.167.156 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.156.167.202.116.clients.your-server.de

ads.yehtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.108.103.10 (Jurong Town, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.62.12.209 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

sync-service.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.128.210.69 (France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ngx-pl-02.greencuttlefish.com

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 956 beacon.taboola.com — Cisco Umbrella Rank: 1798 trc.taboola.com — Cisco Umbrella Rank: 810 images.taboola.com — Cisco Umbrella Rank: 1528 sg-trc-events.taboola.com — Cisco Umbrella Rank: 49310 sync.taboola.com — Cisco Umbrella Rank: 1115 cds.taboola.com — Cisco Umbrella Rank: 1723	605 KB
33	google.com 3 redirects news.google.com — Cisco Umbrella Rank: 5983 play.google.com — Cisco Umbrella Rank: 28 www.google.com — Cisco Umbrella Rank: 3 accounts.google.com — Cisco Umbrella Rank: 23 analytics.google.com — Cisco Umbrella Rank: 164 google.com — Cisco Umbrella Rank: 1 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 713	332 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 172	297 KB
24	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 240 stats.g.doubleclick.net — Cisco Umbrella Rank: 168 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 td.doubleclick.net — Cisco Umbrella Rank: 310 cm.g.doubleclick.net — Cisco Umbrella Rank: 301	317 KB
22	eastleighvoice.co.ke eastleighvoice.co.ke publish.eastleighvoice.co.ke	2 MB
14	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 838	597 KB
12	yehtu.com scripts.yehtu.com ads.yehtu.com	211 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	197 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2933 google-bidout-d.openx.net — Cisco Umbrella Rank: 2825 us-u.openx.net — Cisco Umbrella Rank: 537 jp-u.openx.net — Cisco Umbrella Rank: 16620	2 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 322	67 KB
3	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 3143	1 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 474	8 KB
3	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 120	69 KB
3	google.com.au www.google.com.au — Cisco Umbrella Rank: 27680	191 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 247	164 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	257 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 387	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 20257	864 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 288	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 836 id5-sync.com — Cisco Umbrella Rank: 533	31 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 3059 ups.analytics.yahoo.com — Cisco Umbrella Rank: 608	9 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1089 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1123	13 KB
2	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 3289	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 219	75 KB
1	smartytech.io 1 redirects server.smartytech.io — Cisco Umbrella Rank: 7686	611 B
1	sync-service.net 1 redirects sync-service.net — Cisco Umbrella Rank: 10416	378 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 142760	349 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1016	408 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 2278	853 B
1	temu.com www.temu.com — Cisco Umbrella Rank: 721	497 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2902	4 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2170	3 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1218	7 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2217	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 960	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5201	267 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 548	7 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	3 KB
0	krushmedia.com Failed cs.krushmedia.com Failed
0	loopme.me Failed csync.loopme.me Failed
245	42

	Domain	Requested by
28	images.taboola.com	eastleighvoice.co.ke
17	pagead2.googlesyndication.com	eastleighvoice.co.ke pagead2.googlesyndication.com securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	eastleighvoice.co.ke securepubads.g.doubleclick.net news.google.com pagead2.googlesyndication.com
14	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
12	eastleighvoice.co.ke	www.gstatic.com eastleighvoice.co.ke
11	scripts.yehtu.com	securepubads.g.doubleclick.net scripts.yehtu.com
10	publish.eastleighvoice.co.ke	eastleighvoice.co.ke
9	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	play.google.com	www.gstatic.com
8	www.gstatic.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net
6	cdn.taboola.com	eastleighvoice.co.ke cdn.taboola.com
5	sg-trc-events.taboola.com	cdn.taboola.com
5	news.google.com	1 redirects
4	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
4	www.google.com	eastleighvoice.co.ke www.googletagmanager.com securepubads.g.doubleclick.net
4	cdn.jsdelivr.net	eastleighvoice.co.ke securepubads.g.doubleclick.net
3	inv-nets.admixer.net	1 redirects eastleighvoice.co.ke
3	trc.taboola.com	cdn.taboola.com
3	gum.criteo.com	cdn.taboola.com static.criteo.net gum.criteo.com
3	www.facebook.com	2 redirects connect.facebook.net
3	www.google.com.au	eastleighvoice.co.ke
3	analytics.google.com	2 redirects www.googletagmanager.com
3	accounts.google.com	eastleighvoice.co.ke accounts.google.com
3	cdnjs.cloudflare.com	eastleighvoice.co.ke cdnjs.cloudflare.com
3	www.google-analytics.com	www.googletagmanager.com eastleighvoice.co.ke
3	www.googletagmanager.com	news.google.com eastleighvoice.co.ke www.googletagmanager.com
2	match.adsrvr.org	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	cr-p3.ladsp.com	2 redirects
2	us-u.openx.net	google-bidout-d.openx.net
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	oajs.openx.net	1 redirects eastleighvoice.co.ke
2	ib.adnxs.com	1 redirects eastleighvoice.co.ke
2	syndicatedsearch.goog	www.google.com
2	td.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	eastleighvoice.co.ke connect.facebook.net
1	csi.gstatic.com	pagead2.googlesyndication.com
1	server.smartytech.io	1 redirects
1	sync-service.net	1 redirects
1	m.trafmag.com	eastleighvoice.co.ke
1	cs.admanmedia.com	1 redirects
1	ads.yehtu.com	scripts.yehtu.com
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cds.taboola.com	cdn.taboola.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	id5-sync.com	cdn.id5-sync.com
1	www.temu.com	eastleighvoice.co.ke
1	sync.taboola.com	1 redirects
1	bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	beacon.taboola.com	cdn.taboola.com
1	partner.googleadservices.com	www.google.com
1	google.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	eastleighvoice.co.ke
1	lh3.googleusercontent.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	news.google.com
0	cs.krushmedia.com Failed	eastleighvoice.co.ke
0	csync.loopme.me Failed	eastleighvoice.co.ke
245	70

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
api.whatsapp.com
x.com
www.tiktok.com
www.youtube.com
whatsapp.com
popup.taboola.com
www.comparethemarket.com.au
play.elvenar.com
signup.fattaildaily.com.au
developers.facebook.com
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.news.google.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
upload.video.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google-analytics.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.gstatic.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.googleusercontent.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
eastleighvoice.co.ke WE1	`2025-04-30` - `2025-07-30`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-03-05` - `2025-06-03`	3 months	crt.sh
accounts.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-04-27` - `2025-07-26`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
*.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google.com.au WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.googleadservices.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
syndicatedsearch.goog WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-11` - `2025-07-04`	3 months	crt.sh
oa.openxcdn.net WR3	`2025-05-11` - `2025-08-09`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2025-04-12` - `2025-07-11`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2025-03-25` - `2025-09-18`	6 months	crt.sh
id5-sync.com WE1	`2025-05-24` - `2025-08-22`	3 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-02-24` - `2025-08-20`	6 months	crt.sh
*.yehtu.com GoGetSSL RSA DV CA	`2025-03-13` - `2026-04-12`	a year	crt.sh
tpc.googlesyndication.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Frame ID: 57D6E877B1E64CA395F56EB4AA2C020B
Requests: 174 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1005654510?random=1748292648909&cv=11&fst=1748292648909&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4B7118C8E569B6F87FFDFA33F36EDCAE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1005654510?random=1748292649033&cv=11&fst=1748292649033&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DBashir%20Mbuthia
Frame ID: D92E602ABD6777AC26C9EF0655D0E4CE
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: C7AEED38CB2453F43D0785950DCDD130
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: 5DB334CFB14353C2F46B499390FBCBB5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Feastleighvoice.co.ke
Frame ID: A9C3D5EE0966ACB76E57B972767A59AD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550
Frame ID: 17564CF47836F13EBF82BBDD34443ECF
Requests: 15 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=signin_with&shape=rectangular&logo_alignment=left&is_fedcm_supported=true&client_id=481326698458-mcrfe6h7clrbbko95p9btt573bii4feq.apps.googleusercontent.com&iframe_id=gsi_650126_394211&cas=9Ndy4PjhfHpu5n%2FjNgejp%2BJJD1Ai6BuOLQbMq%2FM3%2FrA
Frame ID: 73F7CFF06AF87D7828876EA72A84CDCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: 1F7BB11051EC6714715B9F4462C412B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701068765942733&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748292650&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.1&aiapmi=0.16&aiact=0.65&aicct=0.7&ailct=0.5848985667413091&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748292649165&bpp=93&bdt=2903&idt=1166&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8160023281053&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331833%2C95353387%2C95361618%2C95360959&oid=2&pvsid=3433475745281946&tmod=1707523106&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fnews.google.com%2F&fc=1920&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1376
Frame ID: 15A459B5DAEF7B1BBAAB7EE7B2EFBCD7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E4AF4EAE02D0F4D88A7E422AF08EBB4C
Requests: 1 HTTP requests in this frame

Frame: https://bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: ECE06E93E473AFDA2FD0D7150EDD5BBB
Requests: 1 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa
Frame ID: DBBAB59A246FCD166ABE2ADB80F0FC0E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYHS6_3eIgFRWaXVX_0h1vrqviHhwZLFhuH8m20lkULGDnYY1nriSqW2hTkqncBf9acFmmwMB2x_APpsOKE5VT2mXQ-K4kTV-v62TuOnfl2Zm-Pz-XKZU1JInB_MBIqvzY_7ki2rgUZLUGWl7iUddo2nkdngJyjtsQ5H6vMZ9DmxxmUFfacsnfgxFH1FFOr4n41QhKyG8xtVNFneC-XA63WCA2brUAPh80FIv7X9Ii0YzNlInmSE4K74c3OEtchCUdjhek9IuZqP4tw0BxdUmP3nuwisJ0k51_6bm3SMFNTbF70qT4rjqYqBNhJOS6d0Crgs9MzrVIYirFsfs7z1lY11blxM0m_E0ghtBIZ4KHMf9lOodf3rclEam-DkbzIm7QZlD-OHyYy1jYUV8rWNIFUFVBeDJhlp0gQRzFrFZREdr7phW0vfAz8ZzxICU&sai=AMfl-YSSmhAC7XUMYhZrLO0EVWsxrXKtuGd3CTpJ44BV4NpGW6YJvYSAeF6kA0iVhu21R8cnolV5R_SFoKXrizQLLXT2mrbCVSk54UrbZPNi_610m0KWSCLjVFDHlE8&sig=Cg0ArKJSzKKad9Y_qZvzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0A3A9D192D46508A7B17092F8A6CED07
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui9dZ3rLrPqqKSjQFMceIcbv0LYqoJU8ndYaB6X98XeJ5YvzoGE0HmECZwSUVrJq19c6bfVC2dKoSSfkS27I6ddmFS75GsjYhzMpZHZUYIgCA1RwUqgZBoriqWOdD2SisEt4mFfV3vwZm_XG-Pj0bzgu4fGepj8Gwe4ehi-R6rCRpgTqD9eCqDqiDR6ALePNaY-0644t4YtSbMCLWLC2YpeyL7CScHyx2RZ_Jn22jnxEbN6Ey4FIGKk2k-hBDWd6UIF9umu4hEVJBPpovWBgDtT-WX9AN_jfb2r9iNJXXaHl3fGrjfI0rKifWa0zoc_eRfbEzK2Dh0YxvOsJNhyb4jcxz5tnJ-L3zxJWZYqAsXT730JRixYyZokmtjvcnJcbFAiJ4RA5QdkV23bqn30N9hF-xv9nhceZzMQXZDtnqeleTvoMIiEIzxm6RTZwFNsodf5A&sai=AMfl-YTZWGMBzezGCZZRMt74srtXqdNUTIB0zaHAb33GvslzgMoBTsmOzaCIBsPkaz42J99mAeiJOsB7bD41iRaDPRiiz9KLmu_d-JatxHPO5r4UKh8RZqr2DeviJqU&sig=Cg0ArKJSzMpeoph8B-HzEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EFFC9A0324DEF8CA48BA831BE6EA4B57
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZtj0PYnt7mAMaSFlXbQRiIqEf7AKDe2bsrskK9eMhTnlRzzY5A2qv0r7ezJHm1EBZxXDNsfSzGXDDP0kDzIUIQGAk4Q9dxuPTj6FPgf6DrIWBVqRvtEanz9PhEm0G1mMviEVEgm73UYDubU-Qp9FTZ95dIfM8hznvAttEnxQd40mMIAdUxv12qCLYZvNOsUiGWedR0Yi5aprLgWLwyZ4pTyx3TQUG1_H-fJeQPgmtP9a33BkQUY2xklO2y7wcklaWN58Al7-DS0pZ19HRiU3YZlcp6-L6piJungYLoRIev26y0MxIVFt5H4g0hs5BUioGZnH4Bobwkffj_eiOxISZk1R8QPmETCnChb3zXTa-Ci5K11iVRonh6b-fk99PDxJG3CKZT_qfVED_6ZsjpqnRlHxBuQ8&sai=AMfl-YT6FHTCUknD4Z-vbHekGMSvFfmtU0hz7AKeukbxPL_ouqz9SY_vjhs9Y8-kSZMxZdda3r-W5evTMB21QeX9MW3p_jRBvRQRGZk7iV4WOyIQFlt-C05n456q7BNN&sig=Cg0ArKJSzBRAI9YErymlEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E7D7951C1CE64AB4170A91014CECE9FD
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke
Frame ID: 45A676D50C511FD55052E804590C2E9F
Requests: 2 HTTP requests in this frame

Frame: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Frame ID: B5FBAD93A137E96BF67F42C88F6904F8
Requests: 1 HTTP requests in this frame

Frame: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Frame ID: 533BB3957FA76B17EC0F85C083036488
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A52E30097BF3536DA937B7BB044BD3C5
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ruto unveils Sh950 million compensation for human-wildlife conflict victims

Page URL History Show full URLs

https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFp... HTTP 302
https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFp... Page URL
https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-c... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

245
Requests

89 %
HTTPS

0 %
IPv6

42
Domains

70
Subdomains

53
IPs

9
Countries

4982 kB
Transfer

13823 kB
Size

59
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EastleighVoiceKe
Title: Facebook

Search URL Search Domain Scan URL

URL: https://x.com/Eastleighvoice
Title: Twitter/X

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theeastleighvoice
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@eastleighvoice
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@EastleighVoice
Title: YouTube

Search URL Search Domain Scan URL

URL: https://whatsapp.com/channel/0029Va7W2WU6RGJLTsR7vg0N
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=eastleighvoice&utm_medium=referral&utm_content=alternating-thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.comparethemarket.com.au/health-insurance/aussies-over-50-with-private-health-cover-need-to-know-this

Search URL Search Domain Scan URL

URL: https://play.elvenar.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theeastleighvoice/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/Eastleighvoice
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?utm_source=whatsapp&utm_medium=social&utm_campaign=send_this_article_to_a_friend&text=Check+out+this+story+from+The+Eastleigh+Voice%3A+https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Title: Send this article to a friend

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=eastleighvoice&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=eastleighvoice&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://signup.fattaildaily.com.au/2411483

Search URL Search Domain Scan URL

URL: https://developers.facebook.com/products/social-plugins/comments/?utm_campaign=social_plugins&utm_medium=offsite_pages&utm_source=comments_plugin
Title: Facebook Comments Plugin

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsv_IZWH39DyAAgnLaLiwUrZxkRzW4KmlbbiYiSyE_hofXl6QiX_BfpLkM_daOQ-1950skfxsEc5V8rDxFTeFKeA493Fwb2Xl9RMRC6zYEQV2yxXPDIWZ5DfMJ79y7wSG6gPHtLsnAOSASzScu7yhnqV_6MomEafU6FWi4lGiYlSHGJ-36u0TF954SIUobNEfngBkQ0cQ1AjbMpuwvUR-E5n_5u0AHXeB9sFya2xorRgeetL9ZB5RbvclOY8UJF30Q0W0p2N3LWMimT8Aw-AD_-AXBhgxdjUvrxkxBjUdg01YYooDRQ5WqtPd8oziqOudi9cN9ASECgsmfqWndEwg9RmylRnb0mLkYFnlVYSrx-FWrbgBkW3-eirq2KXx4ezlYErxorTlGpFx4JBkbJRGSI5iAsBByhhfaaNKUY9AmOw&sai=AMfl-YSccHP4LS2M_RejAyBlnWwYgl2JYUftW_-JgiLEdxTz66pORU9zcTU0erNuNhE4sm5o-0P9D0sUmLW4SNzb_IgTEplaOOgBSTIf36FixiqQ2RJZJlsK48974wA&sig=Cg0ArKJSzBs5qXVrrym_&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.facebook.com/amilitopuplimited/

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QAL-6bRR9hg2efH7WqnNYopJyq_6gSxZHpzNCHJw4Lv2pbZGX0MRyU_wNPZQnZaIH8nMEhj2xSg0j7C1WeIwu3JFjnaovJEBnuup9VSIgJL-Uz_JzaoMAvZnSq0tp5sp4R-rHQT_qJj7oZi7FrHFSPG4UM1VwoI3GIpz1bvLeqs9UDQMqDRrjibYfh5NDfsR01rLfguCgC-zbX2GzppfufxPNzjAaPdspqTjdkgSJjMZaKwoqnr-zRrNSRmecElaHMRa4PBPX7GSB9S30GK0HYIF80OUtqQdESjiEFghEHgNsNYEVrIxzMx9z00k6VDpEjyL1MON2YNy5tCBqeUlL7RRnQdmIvMOsSBg03lji4UvyLmlZzx3IIxmPQIJZBCrC7nqSCasLm6nwXAoEOXDHzyeAGe61U_aTFe9JceQ8nF__ayaSu7_NEB8AEypsJ0d3-4MFMsyk1S8-wmSSXxKHVa4TXOBQ26-bzgiNQQ8GyNjSFEZb1_TwK02gJ2nbfB2XTbQmoI8ClYokdgLZs5BUynrno_eD6mzCIouh5AdO33qXp9ZnDr_p6rvU6GD_lSm6hEW90DsSjNu4mE9jAcUTAPHE4pp0OsbbKGG9AG92Q0YbLr5pQdP1oCjrT0XE9Th-tSLdkckLropEq0PTa83QARFvXeCyayEpcFfZUcrAQIHDwlkEAeyao72S904In7_sVuwMtATVRVrFFR70cnnDZcwph_IzIc359ZhjgKdapcE1yQp0utOrKhBsWUVSb5_zO3pJAqVOF6-n90IqZpJ0_VIJStw7rOvN1jYca4gjRD7eXQCi-8gncaTpYh1Si1_ngOLYrs2nPryE-Je8J66Zhqs9s2beTwtKQtv2IAd5p_mUqztjnbIL1PwKvaDYByND8q4Y9xF_6_SYyxTDksUJZs2fGbnDNMmYHIuuacaE99pu1QEg9xC8Ac_3Zn7W89N2haFQ5xSQ_KALG92GmUk5oLhaAtcYDgH4cSg1XVsDn0g66uILtKHGaAJVWzo1sqJql49fv6xePHc2GcGmwkJ77KnvREi1O4YDkAHtUlH-BDqrg9VthT3o8YMj5at5BCqoFncc5qsP-t2PIi7LzRPxQdJD89Y30RQtEBY4D6e2Lf_fmi1-x_JyVbjDM-Sw5aDUHNuCqqdTTe-GM1he8tR9PUqCOjm7O8NaGD6Fz-n835sX5pthwM4GoBBmFLck08M9hBXV61LF1pRClHD8u3pnJwTpfLyhaqynuk6XZ6lqpR72o39SFyVcxPWJYhhMMQAUCXvyrges1ZFUhzFsn8sHV4wF0NeFrlNAZprHLujnDlFYoWvZju4cDC_ulir7e6MFsJ7HpVKx9qdtjWUiKHnqr4-ztkHqTib4fEUTqi_me5xDumi-SLnFIkSMMxHODj3kTDw4zsqCyaNgy2m1voXnkKmLxjm2-aivzKX4NjwiOgzBgOcD7nDTu-D--THOEu9RhNyHLUHErVXbwveZmGfvRIzIBOJjEntbXkXj9P5PmD2OIMweJmhyZyyRodB_mSyWIL1YjpuavjL4qthdE0c2O_oQljdw&opi=122715837

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsuhrKRNMkntVS6Sjpz5sFNZdZN93XnrwcH2yAN811b2sl7X2l2tfSxFBAI6sUIngWNinAwYnA-NjBOhKKDS5Dd8_9-9RiXTc6tNd_7yyBH4lIt-fSwIiXqTbGvMgygJBcJaNNQ839qptCF5hK9uvseHmoyoZGF1JM2S6p_fBeymqC3uVlcZv3EooCUjf9HpicfeoSkzF9mLl-wlkC4iwQ6L6FDsPhsZGRree4Jd-Knsa7UyLgGpl1PoS4g_CPm6XqQx__ki-I8ehGwJnGIPgb-rvJqC8SLrNlSV4vvFEHnznWHp-CojIGCfdmee0Xk6Ut7CnT0yuS9If6Gyt7CDTGdy5FVIMcNry4JZzcwZqsVqRC9oBCb0wHCxWmq4v1QBgBQDCA&sai=AMfl-YQQ9LIYp25PLlxrvifUf9GqvBnFo8sEMlxN9OkcZ5oQb08aA_3i_82RSzA-4V3A7iWWvxTm_-H9PJ6tED4dHOWaNUJ6OU7dZCj62c_5eiWZbFGEWZFG6hUcjxZ6&sig=Cg0ArKJSzAwBAbsPyOVK&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.facebook.com/amilitopuplimited/

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QCNvKc2T-i6CNYkMyb3haVn5i7ZqdmyF-X4FRGH8vkdeB_tolkE8_eJRq5UoMaLtP7txFmRjMXbyeD-_JBRqLxthZUWcdFPHOoXeg_zftkIEs5CrZsRoopyV0VJJ3It85ePAXDbsq5VTkmpTnaHdszMyJqQL2ZfLNPiHRIqkXXT_ko_P0R0B5xzCvBXjOLMOrkGxJPpk4LRl-FmnraebB-e6yzm2UKZvJkHp_uRPK3-UFvmZB-qi59Xx6TjEkLoDZKY1ZjzQv2rKoLAxg9Hv7fXOLMbhXTIIuqTmDPGfcmtXHOpIgEHiggq6zaKml1aBAz-tpC9lrl2oJSqMAis4mWsXqqaotOQbqkKMaIA3Vgv3PjiL35B83IPmpx5FzCY7eNW0BhXnqsZfHddIykGZBIB0z_Ppt68HuhislM-CqK244zxySXtk4QCmW-qsUL_tBHw1ZiXdBuEc_MNaqZ93kEkhszFQHoKGtCPJzqnI8meTBQhR1_sy3pPH0q7lfeKNgUK7pYCuuU7TEbsDMFmCmEm293s5X5VQRG_tH2PZ-j3KKMxe0KOijsK8ZX9hSNGoX4hvXulAZow17Zfgex7jVrfPPXdHtsqaJ-QJkRq7SPnaq_ADHN-psvT5fbzHjyHGz-w8P8EDY5HhvQ3BwJl-ptCT3v9TaudtVgrWUFxXIypzdusPcf_s4SzYeuLGVVJ8Guo207SIBGhY8YGwRXFxVed_UVSR8AUFSBaLY9PNL7I9jBBaeDVFHAaUxO5wgd28yS9Paue_UyNm5aJi01NRUXLEOWnFkznDDASBdoA_xvvVhyz5na-cFvAxKSMkeSjuLIqA-hK3LRNoc-kOwc-r5Qdntvz9dg5nkLVR2gVNj03F1OXiyNaMVSV6MDp40eQdSjchGR0mxzpRVNOyHYmYX2zvYhrNuwt_oZX5WigZT5woiY38FmLDMZwbTi8_sPOtqThrLoXvLQxvUaQ-9dRsQPBTsLUih6F-aky90SlWpP1D6rZS3lx8GTeddXANnIP2iS1FnFv350CykspuiRIFAE71AIZkN-5pkhYYJ5afD7glgr6wPYFHwjTDG-LLFFeoEGCYLTMNAyFdAuvvsb1Nj2chVvApPfvKVmVsEmUMVi0THYOHNQWsXN2BY3dvPowVYO_kzmU8g1ztM0bv8mAUL3QtcBJ15HahXR23aqBiycm6JwHuuu0juncnZaSTkr0YrNFupcP41LtYbztHEgrzGy6YQE8_ueaLgklwGLapZixHiqel7o19azEEl-GG1772_Z350UQMDHjAD5PzOXiWP0vIDd-CTAS34phD05BBSoFmZVrAbuQWwuoaP-vics_ociZiMon1pH2G4J_gKMa-k15O2M2nsN5bcRqKkLCFkd0uf_ShCeLt1BjJ_VgH1facxRTPdhr0G7aXOeT7VXFKCYwHGHUzyzq3bZFC2qjQn1eHy8aH5JHhhh0S3ana--5qpjQZstT4CTvn5Q6C9hnLfZG_yrvFK7uPagXgf71tsm2&opi=122715837

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5 HTTP 302
https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5&hl=en-AU&gl=AU&ceid=AU:en Page URL
https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5 HTTP 302
https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Request Chain 62

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748292646957&_gaz=1&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&cid=853114421.1748292649&ecid=224638371&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1748292648&sct=1&seg=0&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&dr=https%3A%2F%2Fnews.google.com%2F&dt=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=4020 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=15607299213464102554&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F

Request Chain 67

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748292646957&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&cid=853114421.1748292649&ecid=224638371&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAAAAQ&_s=2&sid=1748292648&sct=1&seg=1&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&dr=https%3A%2F%2Fnews.google.com%2F&dt=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&en=page_view&_c=1&_ee=1&ep.author=Bashir%20Mbuthia&_et=125&tfd=4159 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=16346824060139757303&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F

Request Chain 78

https://www.facebook.com/v15.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550

Request Chain 124

https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
https://www.temu.com/api/adx/cm/pixel-taboola?id=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa

Request Chain 125

https://ib.adnxs.com/setuid?entity=584&code=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3De9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa%26gdpr%3D0%26gdpr_consent%3D

Request Chain 142

https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&rid=esp&cc=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFTGjZUJSZkbJtKakB-TJyY&google_cver=1

Request Chain 206

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa1_0bZ-jtVyks8AKGevVgQyRM8AAAGXDlzWww

Request Chain 207

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDTULsCo8YUAAFpZuK8AAAAA

Request Chain 208

https://match.adsrvr.org/track/cmf/openx?oxid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec8c0e11-d789-43c3-8963-4631e26db9b9&ttd_puid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0&gdpr_consent=

Request Chain 233

https://cs.admanmedia.com/0a28772f54bab302b4cd3d4ab3d49473.gif?puid=6e30751563e5461ea43f96ca8c752fa5&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D41783197-9E0A-46F4-B576-C7B369401968%26id%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=41783197-9E0A-46F4-B576-C7B369401968&id=9a6dbaa7-64c4-4c7a-993b-60a8942cacd6 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=028644170b0f4fc192b65c3ce12c5d63

Request Chain 234

https://sync-service.net/ssp?token=QW2e7t5kKis0&pl=community HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=43630160befdf5e35268aa93e4422844

Request Chain 237

https://server.smartytech.io/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D17669FAA-B4BA-4D29-A46F-9415F4FCBD4F%26id%3D%7Buser_id%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=a0c7a7b2-cac3-470c-83b5-d91cd54bc592

245 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWY... Show response
news.google.com/rss/articles/
Redirect Chain

https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJh...
https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJh...

592 KB
123 KB

451ms
445ms

Document
text/html

142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

48df741978c7764df41197d7f628ea6a8d25c32dae087888a9825d3dec8dafd3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cpP59LHBLV-VyQePfKlDNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cpP59LHBLV-VyQePfKlDNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Mon, 26 May 2025 20:50:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/DotsSplashUi/web-reports?context=eJzjctHikmJw05Bi-LRjBmvrzXOsU4HYUOESqyMQX06_xFokcYW1CYg_Vd1gFaq-wZrEfpO1CIhDP99kXbPxFusWIBbi4Vi44vJBNoEHrfvPMispJ-UXxqfklxQXF-QkFmcUpxaVpRbFGxkYmRqYGlrqGRrGFxgAAChTLnE"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-PltXwR2WrJWe-z0ph6S2wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-type: application/binary
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Mon, 26 May 2025 20:50:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5&hl=en-AU&gl=AU&ceid=AU:en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 60 KB
3 KB 608ms
250ms Stylesheet
text/css 142.250.204.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i

Requested by

Host: news.google.com
URL: https://news.google.com/rss/articles/CBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f10.1e100.net

Software

ESF /

Resource Hash

4ea94890f416dfcc8d5eab3b357ec1abdee7d4c6422820a3db9207b7157c4fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:42 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 19:39:37 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
114 KB 883ms
274ms Script
application/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9379024a28c9882e60b18b75fa610825373c8527b32cf95d97824ba2c81ffb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 20:50:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 115875
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 m=he6YWd,aLI87 Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,... 385 KB
113 KB 500ms
163ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87

Requested by

Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAgEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NcJsEmZxQGGK_RJ9ZiLK1X1zZyng/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

e3ed6cc2a13fd1de0a856298c57440fb4c9965bf97cce5081c491d89503712b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 39851
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 09:46:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 09:46:32 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 115278
x-xss-protection: 0
server: sffe

GET
H3 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v23/ 22 KB
22 KB 319ms
98ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v23/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

c3f8c3da4430d08cda67d76bb22d139eb22bc7f85fb703e2121163dd2ffac787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://news.google.com
Referer: https://fonts.googleapis.com/

Response headers

age: 397326
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 22 May 2026 06:28:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 22 May 2025 06:28:37 GMT
last-modified: Tue, 04 Feb 2025 19:57:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22056
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 553ms
250ms Fetch
text/plain 172.217.167.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SYGF1G18MM&gtm=45je55l1v9117462484za200&_p=1748292642984&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1965284944.1748292644&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748292643&sct=1&seg=0&dl=https%3A%2F%2Fnews.google.com%2Frss%2Farticles%2FCBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw%3Foc%3D5%26hl%3Den-AU%26gl%3DAU%26ceid%3DAU%3Aen&dt=Google%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2674
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://news.google.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:44 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 1073ms
516ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 26 May 2025 20:50:44 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 1059ms
516ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 26 May 2025 20:50:44 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 m=LEikZe Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=_b,_tp,aLI87,he6YWd... 224 B
249 B 101ms
100ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=LEikZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 62606
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 03:27:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 03:27:17 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 156
x-xss-protection: 0
server: sffe

POST
H3 200 log
play.google.com/ 131 B
151 B 519ms
274ms Fetch
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Mon, 26 May 2025 20:50:45 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H3 200 log
play.google.com/ 131 B
151 B 509ms
272ms XHR
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Mon, 26 May 2025 20:50:45 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

GET
H2 200 m=PrPYRd,qTnoBf,pw70Gc,QIhFr,hc6Ubd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,_b,_tp,aLI87... 17 KB
6 KB 106ms
105ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=PrPYRd,qTnoBf,pw70Gc,QIhFr,hc6Ubd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

ea2eb194f721917932941a998262077a3ede3fc35c39697b552550ddd2a9ed8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 10470
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 17:56:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 17:56:14 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 6451
x-xss-protection: 0
server: sffe

GET
H2 200 m=P6sQOc Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,PrPYRd,QIhFr... 1 KB
811 B 206ms
206ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=P6sQOc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

ad54c3d6304bb8e9633c9d2790f7588a9144e5950adca78b0cabcda9cda92457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 28883
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 12:49:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 12:49:21 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 718
x-xss-protection: 0
server: sffe

GET
H3 200 m=lW1Lhc Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYR... 13 KB
5 KB 98ms
98ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=lW1Lhc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

6ac8891574bd35cb8a15af8e214ec751a1db35c59edbaf8b816d3d4c50a54089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 16810
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 16:10:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 16:10:34 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 5257
x-xss-protection: 0
server: sffe

POST
H3 200 batchexecute Show response
news.google.com/_/DotsSplashUi/data/ 419 B
290 B 223ms
221ms XHR
application/json 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=Fbv4je&source-path=%2Frss%2Farticles%2FCBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw&f.sid=955002863076833756&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=17445&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

d5fa7a2c049f9332b2d84b2e0a35ff1cb03ad3eabd4edd26a87a215bd1f02057

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:44 GMT
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYR... 4 KB
2 KB 102ms
102ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,lW1Lhc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

3720dd359056e021bfe3bef07ba58c8e960cbebf30e2b786f46d8f10b52ea8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 180900
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 18:35:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 24 May 2025 18:35:44 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 1776
x-xss-protection: 0
server: sffe

GET
H2 200 -DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32
lh3.googleusercontent.com/ 2 KB
2 KB 546ms
160ms Other
image/png 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://lh3.googleusercontent.com/-DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 1277
x-content-type-options: nosniff
expires: Tue, 27 May 2025 20:29:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:29:27 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1540
x-xss-protection: 0
server: fife

GET
H3 200 m=p3hmRc,LvGhrf,RqjULd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,P6sQO... 21 KB
7 KB 109ms
109ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,P6sQOc,PrPYRd,QIhFr,WhJNk,Wt6vjf,_b,_tp,aLI87,hc6Ubd,he6YWd,hhhU8,lW1Lhc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=p3hmRc,LvGhrf,RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

19793fa28dc161337ef315aa45c7321c0a1c231a0c9de23d3bc85e4f5fb224d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 35149
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 11:04:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 11:04:55 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 7523
x-xss-protection: 0
server: sffe

POST
H3 200 log
play.google.com/ 131 B
151 B 498ms
262ms Fetch
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Mon, 26 May 2025 20:50:45 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H3 200 batchexecute
news.google.com/_/DotsSplashUi/data/ 152 B
188 B 453ms
451ms XHR
application/json 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=xZTw2c&source-path=%2Frss%2Farticles%2FCBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw&f.sid=955002863076833756&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=117445&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:44 GMT
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 200 log
play.google.com/ 131 B
151 B 509ms
273ms Fetch
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Content-Encoding: gzip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/binary
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Mon, 26 May 2025 20:50:45 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 442ms
442ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 26 May 2025 20:50:44 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 439ms
439ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 26 May 2025 20:50:44 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=aW3pY,e5qFLc,O1Gjze,KUM7Z,duFQFc,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,LvGhr... 153 KB
40 KB 104ms
103ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAgEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,LvGhrf,P6sQOc,PrPYRd,QIhFr,RqjULd,WhJNk,Wt6vjf,_b,_tp,aLI87,hc6Ubd,he6YWd,hhhU8,lW1Lhc,p3hmRc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2PIxJLStO381K0HDJrDf3GBZid35Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=aW3pY,e5qFLc,O1Gjze,KUM7Z,duFQFc,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

6e763114762011985518007523e50ad5db3f86101e98cee9fbccabeecd388589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 195150
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 14:38:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 24 May 2025 14:38:14 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 40665
x-xss-protection: 0
server: sffe

GET
H2 200 Primary Request ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims Show response
eastleighvoice.co.ke/national/155479/ 263 KB
30 KB 1293ms
1081ms Document
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d73904d0d2eb17d468d56d0ea761efa551a9e65d425a419e88abfad9dc0f045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 946025881e207381-PER
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 26 May 2025 20:50:46 GMT
expires: Wed, 28 May 2025 20:50:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5juwXEkrRezCGFcvbQ49iGGhzgLPpgD3GgLhhftRtt4V01M1zopQdYulLyhZWgVcpRzL4Y3kJ56ERXSrjhwyLVlArBhQ9aSmVFnL11NcJCmXPbfIxIa3sLKX9hPfGk0rpuz65L6aw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=130&min_rtt=116&rtt_var=29&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4021&recv_bytes=2431&delivery_rate=26168674&cwnd=254&unsent_bytes=0&cid=7d4d6afe85fc0695&ts=1149&x=0"
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 batchexecute
news.google.com/_/DotsSplashUi/data/ 151 B
186 B 231ms
209ms XHR
application/json 142.250.66.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=t11Gyd&source-path=%2Frss%2Farticles%2FCBMivAFBVV95cUxQNHk1bDhwWUNIMF95aHJnc2xkUGg4aFVWanNnb1cycDY0VFpPeXhTX2hXMzQ1ZHk0TmJGUU1Zd0JOZFhXMGtKeVBPa3ROR1BoWFdUSFByNFNDcGFRRlhWNDVEcUZnNUdVTDRmb2hRcHF3cHJhay1ISU40RkhtbU1WaThkYVpRRFNiYjJpdTRWYTZRdW5oMm1pVnZpLXFXUmxFRlZneFZWNnR0Sm1kMFVZc3FWajFkVjdPVG9CSdIBxAFBVV95cUxQSV9wVFY5REFCNUxvRVBrQV92T0RSVld0RXpBZFVKNllRX2VYLXJXdWRQWWdaZEVSZWp6X3hJS2gzN29rdEt1VGcxS1poMTZPT1h5cWdCTTFFenhLeDN0ZWVCQnNpVjl1WF9CdmsydTR6d2ZZdG5qUzlfRHA0LUNob3BfY2ZmT3JjdEV3Z2gzY1dGNGdCRERDdmk2S1pmSjZqWVRtMDZrTmtnQjU4Q09zWVc1eEZsSWI4NnJXZndCNk9wajlw&f.sid=955002863076833756&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=217445&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:45 GMT
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 404 speculation
eastleighvoice.co.ke/cdn-cgi/ 0
0 64ms
63ms Other
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://eastleighvoice.co.ke/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

cf-ray: 9460258f5f007381-PER
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:46 GMT
server: cloudflare
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LTH4fPiGWo4jTEi6LTP62hfxSsVDE7hikbklvPfQU7A2eJa2yzStpu4JBGZgs7X08AtD5rUak37gmoQ6ZfVbrc%2B6Nbn%2FO811r9ClkohnMJBosw%3D%3D"}]}

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/ 79 KB
24 KB 341ms
135ms Script
application/javascript 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k"
age: 1647218
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdCed%2Fxk1wRZUdiJTGi164GU3%2BPPVP%2BplXlRXRHr6R5idgHPTPFQhjICtsoNKXHnlR1O1uFPYdMFJcmIlyLg5b9VyL6mZQDthpaVD8tl%2FIjNhYm%2FdPlwTmlALfcOSqhMybQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Mon, 26 May 2025 20:50:46 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220038-FRA, cache-lga21972-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9460259228c587b6-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24668
server: cloudflare
x-jsd-version: 5.3.0

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 202ms
73ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6599bda5-28f2"
age: 441892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KecgRBdvnHnzYKFgmitEbHziX0PAtsioY5FOPSZ2DP7FAFU8Md17HJJEg5HA%2FmkNvE2FYDZRtxD4yJ9oh9JUhbme9e1x6JDZSavlDNGeQRZ1vRq0GUdWXkuKYCXVQ8dOD9r2DG0K"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 20:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94602591b8738e94-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10482
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 227 KB
28 KB 261ms
63ms Stylesheet
text/css 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age: 1303076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2Fp1LnGHfM3CQbS5Id1QU79U3jT8CT5ovvQHgffmDvAzKS9DYrPcoH9x24WTj%2BZzzmfdzqT8ELNftRqZSTXKRGjYbO7ggzRuRmCbUkRvT5dPH5hZM2kKoTO%2FLvN3P%2ByEHiQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21958-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9460259228c387b6-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27424
server: cloudflare
x-jsd-version: 5.3.0

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons/font/ 97 KB
14 KB 318ms
120ms Stylesheet
text/css 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004322721c8557331759bc6ddaacbb689b0f0715d688aec82bd056d2d5b5cc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"184e4-ptHboTbR5gcHjbMAMHDqs0tR7FA"
age: 31247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LiI1vIpjoYN8UZhkD63yvvV5VbZQnmg29Bok7Yr%2Bnnnfxr3ytQLefBoAGnlv9DDxcZzIdy6Hbe6D3%2BQrk%2FsF%2BT%2FWGEQGDqZaKHagmnEcVAPpy7UPIBG%2FzwE5Tnsq%2F5Mqa34%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230156-FRA, cache-lga21982-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9460259228c487b6-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13832
server: cloudflare
x-jsd-version: 1.13.1

GET
H3 200 theme.css
eastleighvoice.co.ke/assets/css/ 279 KB
41 KB 133ms
131ms Stylesheet
text/css 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb1e01b621765c78a051d7744197bdee1e411a436a4445e25067ef83d89df50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "45b9a-62c867042ac7e-gzip"
age: 4730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6W%2BbWct3yaycnq6a1ps3mbKzN7or1lviExRSZfdO8EOagInODfXyijpJqFHqxkOIufMGhbo3QEIcX2VFbDf5DnFqQAEQ81A5maEsY59iHZmPhDx3IIE4RvYQjPzv35LG458mEtfjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 21 Jun 2025 21:13:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51557&min_rtt=47189&rtt_var=14367&sent=26&recv=13&lost=0&retrans=0&sent_bytes=19363&recv_bytes=6874&delivery_rate=1344797&cwnd=15562&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=275&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/css
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602590fd4e8661-PER
accept-ranges: bytes
content-length: 40955
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 demo.css
eastleighvoice.co.ke/assets/css/ 7 KB
2 KB 206ms
204ms Stylesheet
text/css 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/css/demo.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4eb6049325d3e479c1fbebc35d1b47f399a21cca74ed75bf7e3a4365cddf21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1a93-62c867042ac7e-gzip"
age: 366113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbYvpIXFBb819iiGnHUlhulo0O36dShcc5W7Djm2mpN7%2F6kxUuLqN0CKAFmCXO7%2FwIFtvt7PF21IGrZBzKeRJEGcGpPU357ripqGmA%2FNPYDsq%2B3r6%2BLfmYYzwEhiHai9cqjVYEej6A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Jun 2025 21:10:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51557&min_rtt=47189&rtt_var=14367&sent=26&recv=13&lost=0&retrans=0&sent_bytes=19363&recv_bytes=6874&delivery_rate=1344797&cwnd=15562&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=277&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/css
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602590fd4f8661-PER
accept-ranges: bytes
content-length: 1821
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 style.css
eastleighvoice.co.ke/assets/css/ 12 KB
4 KB 133ms
131ms Stylesheet
text/css 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/css/style.css?v=358e?j8bjxb

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

872c2243a3a89f9f017a6397c835014e0664b82be6540187d5f81f3e028b49f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2f7b-634c2dc32bc83-gzip"
age: 1414119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtU%2BRzqPmcJeRCcSZ4oVBoFWWxNBrTZtzLvh%2Bt2ah72GuPcMsIW5ozO2x%2FuqQrubAhJwBf3KBZFy8HB1inrm1MhqBRv8KSTrT1Ffwj0zVFLrmPcjf3rhpCe85QxnzKaIJhi18Wuq%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 07:16:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51557&min_rtt=47189&rtt_var=14367&sent=26&recv=13&lost=0&retrans=0&sent_bytes=19363&recv_bytes=6874&delivery_rate=1344797&cwnd=15562&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=275&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/css
last-modified: Sat, 10 May 2025 07:16:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602590fd518661-PER
accept-ranges: bytes
content-length: 3085
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 425 KB
142 KB 624ms
264ms Script
application/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b19a3eefc5a585cefd5f98d2f6b7b1334fdffbd15b3de209c383b31c40360d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 20:50:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 144248
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 1282ms
250ms Script
text/javascript 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

790a7889e7906ca38d41411080df22db92cda949461a038c6698560324643f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 689 / 20234 / m202505200101 / config-hash: 1295865988360337441
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 20:50:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34632
x-xss-protection: 0
server: cafe

GET
H3 200 push-notifications.js Show response
eastleighvoice.co.ke/assets/js/ 191 KB
41 KB 74ms
67ms Script
text/javascript 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/js/push-notifications.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32bb7cb99bb2ffb5b46efeed845a241336eb27cc959be9865c6e17629dc36e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2fd0f-62c86704396de-gzip"
age: 131724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmI%2BZ5UktSuqj2WNcSpauShTrTGA%2BisI8XS7PPrdQ%2F2nRH9sS%2B6dJ4Tj4utk5EzbQn5%2ByaXuNHcEMCJcxqvBkRi6HUyEw4AhfUNpQ4ZXkJFT8Fr74%2BR5G8962oDPW9ig27096xj7lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 18:54:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=177&recv=82&lost=0&retrans=0&sent_bytes=179193&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=702&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: text/javascript
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd578661-PER
accept-ranges: bytes
content-length: 41575
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 1210ms
215ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7701068765942733

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

db65b81317465dcf9f1f48bf14ab29bcaa48b292e9bd034e7e4ce7399e1fd166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 3657689203220032819
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 20:50:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53261
x-xss-protection: 0
server: cafe

GET
H3 200 ads.js Show response
www.google.com/adsense/search/ 137 KB
50 KB 1248ms
212ms Script
text/javascript 142.250.67.4
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f4.1e100.net

Software

sffe /

Resource Hash

76568c23cac62579ba0b8cd15759dee498de7188b569bb25f717d7afbb27ae47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "6099158543675685345"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H3 200 logo.png
eastleighvoice.co.ke/assets/images/ 34 KB
35 KB 80ms
79ms Image
image/png 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eastleighvoice.co.ke/assets/images/logo.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11feac2edff6d483f55354f6da985d0aac66732ee6ee2d55867a9e1b38654be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

cf-cache-status: HIT
etag: "89fe-62c867042db5e"
age: 2666851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXd5jUYX04uVmRyTnPqeBJUiC8ragyRXCf3p7mNQECM%2FRIYSSYOn0pmb2MdOp2dfZ%2BLw61mWiHjFFjDm0veHBGoRB8gGMZPcLswEunH%2FkIqzToDLhrFw7OXYSWZ7mx8w1gwvXxg9dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 22 Apr 2026 19:04:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51557&min_rtt=47189&rtt_var=14367&sent=13&recv=13&lost=0&retrans=0&sent_bytes=3829&recv_bytes=6874&delivery_rate=1344797&cwnd=15562&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=274&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: image/png
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602590fd508661-PER
accept-ranges: bytes
content-length: 35326
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Gr3q_WwWIAAd-hF.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 358 KB
359 KB 94ms
63ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr3q_WwWIAAd-hF.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84645b7b9df42ec0330ddd9a5c06b0d6274e59cb995bf2ff1566e1cf88635e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 4729
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=m3ZH364M1bv%2FIJYU32bQE8bS3QneO5plrZu2ZPSICNEcdzQYkTb5CEpnKzZUkCXX6af%2FtHYztdFNuu%2FDhHkmmw%2FCsNOWwhvW%2F%2BMLq26d4HaKr9WujeNZuLJi"}]}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 18:34:58 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:46 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 18:34:57 GMT
vary: accept-encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 946025911f367381-PER
accept-ranges: bytes
content-length: 366989
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 274ms
98ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

5f8147c963d97bc4f2739e5bcbbee007223d1a5de882536ac6d34c0365c2b312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-md5: CoHrVCqpqTDSurYmO7zouw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "ad8115afe723cf9ef1d8208030244015"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:03:49 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: a592cfbdc39616bcff340dceb91591cb
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=114, rtx=0, c=23, mss=1232, tbw=4960, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: FFWMZXSgP5pxj1Fn1wDT2t7aqzud7r6PgX4b/vZ4D977D3Ex0hHb+XvxznL5gDL0FPSasDB21opqnTljFVAigg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?1

GET
H3 200 a-child-drinking-milk-1.png
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 182 KB
183 KB 996ms
992ms Image
image/png 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/a-child-drinking-milk-1.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21a3cb89f3357ac7c5b7b0ac0fb823850ddbe43bdf2517132bee0937b084cb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrEeA0Zondq2d%2Fi6VKrt9XaEtiFr4CnS%2F6URVqYKTV12wsdU9u5Qf%2F1bpw8rx7aYTzDDh1CASJRs0BBBf99Voj%2Fo58OaooECspXzj20dPDG8E85YvDUQGITe%2Bp%2BrNcAO12DZjszNDH8jcH1jyz%2Bt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 24 Jun 2025 17:10:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=53824&min_rtt=46069&rtt_var=4824&sent=779&recv=154&lost=0&retrans=0&sent_bytes=892053&recv_bytes=21851&delivery_rate=1344799&cwnd=158026&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=1410&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: image/png
last-modified: Sun, 25 May 2025 17:10:45 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 946025924d528661-PER
accept-ranges: bytes
content-length: 186612
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 974c8f31-9374-4b1a-abe1-557c7e0ed972.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 76 KB
77 KB 67ms
67ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/974c8f31-9374-4b1a-abe1-557c7e0ed972.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b0af6bc7027a520060d17b3dba0fe1b341c5366c863fe32c0db3d10a433da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 4730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FCttos3w60lkCVlEx68ym4s2MSLFXE7IGZqmDcputylIWjNJU913AVQOMC0bYC49wLZHTZhfNEykK0YNALHgmNnJiPoYoE%2BVFBDh%2FzPMDVE4sV%2FydUblRl2%2FZscGDqkZ6TOV1UdEJ8DEpyOeVyF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 17:11:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=52469&min_rtt=46725&rtt_var=2221&sent=91&recv=56&lost=0&retrans=0&sent_bytes=89987&recv_bytes=9468&delivery_rate=1344797&cwnd=101651&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=550&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 17:11:09 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602592bd538661-PER
accept-ranges: bytes
content-length: 78078
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Sudan-camp.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/ 91 KB
92 KB 391ms
388ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Sudan-camp.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ad865c441a5bb3e246dfb1d9bac156fe018430bc2d14a183051c8c5a10453bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DyZ1w1kVV5jUYxWvBkXwkM3PvI1CG90U3%2BgU4Rz6oDA4XcHWzXOgphjUy%2BHAN%2F5tJYtS3ZIMPuJuTTljJ91sZmHdeigED0COmraw78bDr0YSxuoLbVjF5SN%2BdXO%2FAATHoM9aJigLAyMb%2FUyoGORF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 19:55:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51719&min_rtt=46069&rtt_var=2870&sent=535&recv=119&lost=0&retrans=0&sent_bytes=604564&recv_bytes=19279&delivery_rate=1344798&cwnd=187864&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=1023&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: image/jpeg
last-modified: Sun, 16 Feb 2025 03:12:23 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593ad548661-PER
accept-ranges: bytes
content-length: 93427
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Gr4m2fcXMAA9UsP-1.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 180 KB
181 KB 73ms
67ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7e5b5fe8044514bca490102b36bab62a655084651ac2ec693d3965ac3ed1e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 4728
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylMqb9BTFgTgzprnUYBxYDSt8I0keSNkFRXEzIe8ls6mVgZ30JY2%2BKaWGK0MKVyLIKYK5kRYzNj8y2K3QJBNuefwJTf3IjmzaEpT%2Bnr797Bi5JLyTM7Cjk8yNEnaA2Frxmpnf%2BPwhB9uv2IvB759"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 17:28:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=171&recv=82&lost=0&retrans=0&sent_bytes=171993&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=702&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 17:28:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd588661-PER
accept-ranges: bytes
content-length: 184470
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 SHA-HQ-Nairobi.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/ 118 KB
119 KB 1434ms
1429ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/SHA-HQ-Nairobi.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee30afd22f5ade5c9a6907ec3828481020d7725b5b00d79ec50b8629c8dc1319

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FOAmDWVGPaqBsGIUCT1b60SBDhb2Yri8j%2Bq%2B0uBFTuNX3cw4ESusgj%2BIT6MkhmmqV%2BeuoldNGHKhLEYnEh0X%2Byd%2B8WpcGNdqjjl5Wltksby%2FaCLDo97UeuLObLHvxUvzqpoPBgDBqHP6Uc5Tdlo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 16 Jun 2025 02:07:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=49479&min_rtt=46069&rtt_var=3784&sent=958&recv=176&lost=0&retrans=0&sent_bytes=1102826&recv_bytes=23811&delivery_rate=1344799&cwnd=160009&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=2065&x=92"
date: Mon, 26 May 2025 20:50:48 GMT
content-type: image/jpeg
last-modified: Thu, 20 Feb 2025 09:42:54 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd5a8661-PER
accept-ranges: bytes
content-length: 120956
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Kuppet-Moses-Nthurima.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 88 KB
89 KB 121ms
115ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Kuppet-Moses-Nthurima.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19c4497e74d970fad7a11881497e8ac0a977c8fac81a777859a2175b5b58c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 131724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CC0%2FlxtVAQ9x7sMGnuyWHcdPzhTDub%2BQ7sjUr2rtuVFrOLePgUrsdHgBZsiAINs%2BypHRwcMz8oRHzEtJZdQDzVm0y%2FuVddRXnLr%2F0M1IzAC21gLiU0Gxn6BYMjcRnrdrXdSH%2B0%2BkTq6SrDiG2p5j"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 24 Jun 2025 05:18:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=177&recv=82&lost=0&retrans=0&sent_bytes=179193&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=704&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: image/jpeg
last-modified: Sun, 25 May 2025 05:18:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd598661-PER
accept-ranges: bytes
content-length: 90037
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 GrxjmYSWAAAF0SW.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 56 KB
57 KB 155ms
150ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/GrxjmYSWAAAF0SW.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cdb904ccfcca68a9aaf53e0e9353ac724c70189f291be2d71439e786250c9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 4730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bww9zrJ4Trwv%2FLxhqtAOyNg2sk5Pr8m%2BUMaCd8Xl0jGX%2BkYiJCca8PqRFfPAE1i8PILakpd81ngBwu7%2BjOQ6B560xFUSlmrsGa7FzqLaBB9SRy1bPzrN4TuUKGRizM%2F42VCTj4G5jjNlj1PNgrmh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 14:36:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=177&recv=82&lost=0&retrans=0&sent_bytes=179193&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=705&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 14:36:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd5b8661-PER
accept-ranges: bytes
content-length: 57458
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Auction.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 119 KB
119 KB 1350ms
1345ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Auction.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f7adfc19798b1111acc6b5c6a161fc0d5472d0f0a2245171c9b6ae65e7f63d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgtmcLCA%2FqYAQYm%2FHB0PrNc0B90AgXiwNJcqE89EJAgHRz9g072s99okJNvIV2pHFB6C6gQzo92kzTdWjIxt%2FmIr%2Bb8zmZjfFfDf2UbqoYGJlgXQ8NqrQSzWwrh4qZb2lYk3mctSxu2i0FeUpPbf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 10:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=49624&min_rtt=46069&rtt_var=3879&sent=904&recv=173&lost=0&retrans=0&sent_bytes=1038626&recv_bytes=23676&delivery_rate=1344799&cwnd=156093&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=1990&x=92"
date: Mon, 26 May 2025 20:50:48 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 10:16:54 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd5c8661-PER
accept-ranges: bytes
content-length: 121416
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mast-Kajiado-County.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 113 KB
114 KB 124ms
120ms Image
image/jpeg 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/mast-Kajiado-County.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7b185c477c10f5bb0f3e5437358183a243ce99d74c7e279a0ea38eebd379645

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 4729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8v7eaD7MV%2BaOCk9dl3j8n0DE4Jv%2BZkgd9L3TWUY2RV8I9T5lGgtyGD%2BNcPQffKUOSuDOVJ0%2ForVh7KekiN1D57ywyrOH9OdIfMLBI40UStAUdFDAtXMfTJ51XmALujncBxJWNImrJUfdgB4pUPt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 10:40:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=177&recv=82&lost=0&retrans=0&sent_bytes=179193&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=704&x=92"
date: Mon, 26 May 2025 20:50:46 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 10:40:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd5d8661-PER
accept-ranges: bytes
content-length: 115758
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 android-chrome-512x512.png
eastleighvoice.co.ke/logo/ 69 KB
69 KB 153ms
149ms Image
image/png 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eastleighvoice.co.ke/logo/android-chrome-512x512.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e79535a24928a654e7afec5673fc1131770b3da730bd92a215f84d020834d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

cf-cache-status: HIT
etag: "112ac-62c867048693f"
age: 1950986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoEB%2F%2Ben36h5JCE4JdoaKXYxkTKSVElIUKw9qkUBTGSQrrkgtvVYRCHsX3jsCdaJepbH3n2vb1kiib7uuC452iYWRdgzzg77qm8QO1He%2BiomrndM2W3Ht7VAgj8HFZfuXoWI2Ar30Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 07:55:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=177&recv=82&lost=0&retrans=0&sent_bytes=179193&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=704&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: image/png
last-modified: Sat, 25 Jan 2025 11:49:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd5e8661-PER
accept-ranges: bytes
content-length: 70316
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 client Show response
accounts.google.com/gsi/ 230 KB
87 KB 1509ms
477ms Script
application/javascript 74.125.137.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.137.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

dy-in-f84.1e100.net

Software

ESF /

Resource Hash

3c356df94c07e04177de36f04918c185017941fcd188e60086b68e60b4dd347e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KfDeM_i62Cd1WjeYP_zNng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KfDeM_i62Cd1WjeYP_zNng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 26 May 2025 20:50:48 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 email-decode.min.js Show response
eastleighvoice.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 57ms
52ms Script
application/javascript 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
etag: W/"6830c755-4d7"
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MGhuKssA9c%2FvVTab7hsZDnR4pHVgzitwApdlXmk9cuSsjBgZ1USr%2FN57N1s0nGlY5TPzvMMwLzZzWsBvuQ%2F%2F84PW41IpPL01IUyAuplZLDiEnCXHH7ofv2yEAc53WQIsqhLn69clA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 94602593ad558661-PER
expires: Wed, 28 May 2025 20:50:46 GMT
date: Mon, 26 May 2025 20:50:46 GMT
content-type: application/javascript
last-modified: Fri, 23 May 2025 19:07:01 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 jquery.min.js Show response
eastleighvoice.co.ke/assets/vendor/jquery/ 85 KB
30 KB 158ms
150ms Script
text/javascript 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/vendor/jquery/jquery.min.js?v=393

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "15283-62c867044237f-gzip"
age: 131725
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pc1R705Nw8blVzg8PcL15ciu8bHUREdyhYf82y%2BzrllxFiiKU35D7jDpkNKgCywkDWpHTdiEdDiXAhmN1R1OGcWcZ9TqXTQi%2FUbJEnRNT3R5AlVEhY7IJMedXHGCP%2Ffg2jexeYlQww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:18:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63084&min_rtt=46069&rtt_var=10485&sent=195&recv=82&lost=0&retrans=0&sent_bytes=200793&recv_bytes=16691&delivery_rate=1344798&cwnd=176617&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=720&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: text/javascript
last-modified: Sat, 25 Jan 2025 11:49:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602593bd568661-PER
accept-ranges: bytes
content-length: 30138
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 1106ms
66ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9460259a3d63865e-PER
access-control-allow-origin: *
date: Mon, 26 May 2025 20:50:48 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/eastleighvoice/ 996 KB
281 KB 1644ms
722ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e6eef82c0528d181f7d805e6785d49aa051170f8c94e6347b33bddcf21bdd200

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "c66f1b22dd5ee1d5fb359b6289533c042847bd0c"
x-amz-version-id: MJlfgLVdDVtPkPlpALgp3ukLvXZNdk1S
age: 0
x-cache: MISS
date: Mon, 26 May 2025 20:50:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 26 May 2025 20:50:48 UTC
x-served-by: cache-per12627-PER
x-cache-hits: 0
x-amz-id-2: J24pJof6aMacnPJpK7MGjsgDthyxjiZ6Jpv/SWHr+u3R3cgn4FAjPs5XDAajOJ6HTHqharq8rUg=
vary: Accept-Encoding, Accept-Encoding
x-amz-replication-status: FAILED
cache-control: private,max-age=14400
x-envoy-upstream-service-time: 520
x-timer: S1748292648.916441,VS0,VE672
via: 1.1 varnish
x-amz-request-id: JXH73K44M51PFCDS
accept-ranges: bytes
access-control-allow-origin: *
abp: 6
content-length: 287398
server: nginx
x-amz-server-side-encryption: AES256

GET
H3 200 Palatino.ttf
eastleighvoice.co.ke/assets/Font/ 98 KB
41 KB 71ms
64ms Font
font/ttf 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/Font/Palatino.ttf

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa981f57b9f4f27cb54004da1c74bd5c3bd96e05c481a12e64c315ed9670f375

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1871a-615a734fd4840"
age: 131724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8N5K6DvulLAqQq4iVWB5zOGrSsMm5o1PYmB0IyKJtcSshh92o7kH1zu7ssCdXTdfcRkXZsq2OZI0sz49Cs8W0uM%2B%2F0Ud6l7T2SCZBKB6m4eVcsh%2B4wllNuBEP7WnnQ4IdMlbURWC5w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:15:22 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=53747&min_rtt=46069&rtt_var=4783&sent=429&recv=103&lost=0&retrans=0&sent_bytes=477733&recv_bytes=18542&delivery_rate=1344798&cwnd=187864&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=929&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: font/ttf
last-modified: Tue, 09 Apr 2024 10:15:53 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 946025951d5f8661-PER
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 66ms
65ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6599bdc3-13174"
age: 446900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7DeEd0eVtgxY3Zj2kGPOo0%2F79Q%2FBpG5wexGkA8Voa6RlvO%2BBuFE8vhUzjjaCUz57sHh7lqJQr7RXdH6cXBqfDoefVWfcY1CjRadzxrr7zeQqgY8A1oivOKcivXyTjgG9FldJbZ36"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 20:50:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 20:50:47 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:53:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946025951a7d8647-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78196
server: cloudflare

GET
H3 200 quate.png
eastleighvoice.co.ke/assets/images/ 349 B
1 KB 69ms
67ms Image
image/png 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eastleighvoice.co.ke/assets/images/quate.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c9b3c957e28e867df94e9673792a2bcdc34892d62de6687c8f0a7e2d293381

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Response headers

cf-cache-status: HIT
etag: "15d-62c86704348be"
age: 2356566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gca9CdQvx7cg9G7d14%2Fmm%2BVYgFNqbj3m1KNdpgqZrQ7a9YCkzuMO4ESfiRgK7Vy9PI0Kq6Eiwd5OiCOJ7O74oe7SiiNwapD7xaFYyx15NM6VjE7tvE08DLl%2BnHVzjB4447TSedzaMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 22 Apr 2026 20:10:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51956&min_rtt=46069&rtt_var=3626&sent=571&recv=124&lost=0&retrans=0&sent_bytes=646376&recv_bytes=20447&delivery_rate=1344798&cwnd=187864&unsent_bytes=0&cid=c32e6af0efbe93ae&ts=1055&x=92"
date: Mon, 26 May 2025 20:50:47 GMT
content-type: image/png
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 94602595ed608661-PER
accept-ranges: bytes
content-length: 349
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
76 KB 69ms
68ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6599bdbd-12bdc"
age: 340556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzPvp7qzshyzKpQkKhnuV5a5HMGQX8IqUpirlsd9nHJRkWql0T8rD%2BZfA7v3jEEgSb9qryX0C0E%2B%2FPE6Hv5d7dESS5KlCYQltvvGIsVunJQ8GVAZrz2WWNH77G0w2ALlO%2B%2FVWEL0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 20:50:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 20:50:47 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:53:17 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94602597ab538647-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76764
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 249 KB
74 KB 104ms
104ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8c1330ff4605fe7b8ba085e3bd3cd14f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

4b6e03a25fe39edee0dc6bfe94a40b9dd5f8780133a58368b40d65176ae7326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-md5: 0aDBd247Wi64gsSn6aPL0w==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "ec237d39f65e683caa8bb48519c7b307"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 20:23:29 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 3729ca57f6192c36285c9b00ad4daad0
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=106, rtx=0, c=27, mss=1232, tbw=8864, tp=15, tpl=0, uplat=0, ullat=-1
x-fb-debug: tdILxv231R7riwajd/UxpL3ga9kbYaU+NWzc7F6eHKaar3M5yK+FUsssvTBlwPH9RanVwmvI9Dm0Oj6xQ6L8FA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75309
origin-agent-cluster: ?1

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
0 591ms
591ms Script
text/javascript 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

790a7889e7906ca38d41411080df22db92cda949461a038c6698560324643f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 689 / 20234 / m202505200101 / config-hash: 1295865988360337441
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 20:50:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34632
x-xss-protection: 0
server: cafe

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748292646957&_gaz=1&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~10313050...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=15607299213464102554&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9...

0
0

651ms
269ms

Fetch
text/plain

172.217.167.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=15607299213464102554&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Server: 172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgnc:90:0
content-length: 0
date: Mon, 26 May 2025 20:50:51 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=15607299213464102554&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:50 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 1660ms
519ms Ping
text/plain 142.250.141.155
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-24W9KHS0ZW&cid=853114421.1748292649&gtm=45je55l1v9167994531za200&aip=1&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.141.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: dd-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to: {"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eastleighvoice.co.ke
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:124:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:50 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 206ms
199ms Fetch
text/plain 142.250.67.4
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?tid=AW-1005654510&en=page_view&dr=news.google.com&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&scrsrc=www.googletagmanager.com&frm=0&rnd=836934304.1748292649&dt=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&auid=2102401855.1748292649&navt=n&npa=0&gtm=45je55l1v9167994531za200&gcs=G1--&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&tft=1748292648939&tfd=4066&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s16-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/ 5 KB
2 KB 431ms
217ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/?random=1748292648909&cv=11&fst=1748292648909&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

464e23b0bd9a539e44367a4c76148ada0d0646ed5a26a86c9cb2eeaafca98adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2010
date: Mon, 26 May 2025 20:50:49 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1005654510 Show response
td.doubleclick.net/td/rul/ Frame 4B71 13 B
176 B 1241ms
289ms Document
text/html 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/1005654510?random=1748292648909&cv=11&fst=1748292648909&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748292646957&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~10320...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=16346824060139757303&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9...

0
0

641ms
226ms

Fetch
text/plain

172.217.167.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=16346824060139757303&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Server: 172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgnc:90:0
content-length: 0
date: Mon, 26 May 2025 20:50:51 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=853114421.1748292649&dbk=16346824060139757303&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:50 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/ 5 KB
2 KB 360ms
216ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/?random=1748292649033&cv=11&fst=1748292649033&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DBashir%20Mbuthia&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

2dcf5d143cebc1d392322175611076734a5f484e4cd691c84e5b75dbb81e062e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2029
date: Mon, 26 May 2025 20:50:49 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1005654510 Show response
td.doubleclick.net/td/rul/ Frame D92E 13 B
523 B 1155ms
253ms Document
text/html 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/1005654510?random=1748292649033&cv=11&fst=1748292649033&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DBashir%20Mbuthia

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 530ms
264ms Image
image/gif 142.250.72.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-24W9KHS0ZW&cid=853114421.1748292649&gtm=45je55l1v9167994531za200&aip=1&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&z=1821825958

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:49 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 1005654510
google.com/ccm/form-data/ 0
20 B 412ms
200ms Ping
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://google.com/ccm/form-data/1005654510?gtm=45je55l1pfv9167994531za200&gcs=G1--&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&npa=0&frm=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:67:0
report-to: {"group":"ascnsrsgac:67:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:67:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eastleighvoice.co.ke
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:67:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:49 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/ 461 KB
155 KB 195ms
194ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7701068765942733

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 17257031994529967950
age: 53410
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 06:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 06:00:39 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 158476
x-xss-protection: 0
server: cafe

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 394 B
267 B 999ms
221ms Script
text/javascript 64.233.188.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=eastleighvoice.co.ke&client=partner-pub-7701068765942733&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.188.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f156.1e100.net

Software

cafe /

Resource Hash

1fcd7b8a4ee87762e7a51b03a48a7127b4b462137c78d8a721701aae0b458c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 246
date: Mon, 26 May 2025 20:50:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 iframe.html Show response
syndicatedsearch.goog/afs/ads/i/ Frame C7AE 2 KB
1 KB 774ms
238ms Document
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

sffe /

Resource Hash

b4aa813243a8fb5d8a1f88a92ec96c1984e0a8db4a5c2ff6663f767ebf749cd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-yOLgQjKi-aiSb_JKavbzFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 726
content-security-policy: script-src 'nonce-yOLgQjKi-aiSb_JKavbzFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 17 Sep 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
syndicatedsearch.goog/afs/ads/i/ Frame 5DB3 2 KB
83 B 1070ms
219ms Document
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

sffe /

Resource Hash

b4aa813243a8fb5d8a1f88a92ec96c1984e0a8db4a5c2ff6663f767ebf749cd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-yOLgQjKi-aiSb_JKavbzFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-length: 726
content-security-policy: script-src 'nonce-yOLgQjKi-aiSb_JKavbzFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:50 GMT
expires: Mon, 26 May 2025 20:50:50 GMT
last-modified: Tue, 17 Sep 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/55j0/ Frame A9C3 3 KB
2 KB 504ms
127ms Document
text/html 142.250.76.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Feastleighvoice.co.ke

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 139033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 25 May 2025 06:13:37 GMT
expires: Mon, 25 May 2026 06:13:37 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 539 KB
170 KB 253ms
252ms Script
text/javascript 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 8367355567805738573
age: 30857
x-content-type-options: nosniff
expires: Tue, 26 May 2026 12:16:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 12:16:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 1756
Redirect Chain

https://www.facebook.com/v15.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoi...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.k...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.k...

337 KB
68 KB

1705ms
1688ms

Document
text/html

157.240.8.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8c1330ff4605fe7b8ba085e3bd3cd14f

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

a8955009c464cb17a8cb61a6331c21976e1d497055577048469acb86bec93e09

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-ABHHOvN0' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-ABHHOvN0' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 26 May 2025 20:50:52 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508859761552376387&cpp=C3&cv=1023194496&st=1748292651007"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508859761552376387&cpp=C3&cv=1023194496&st=1748292651007", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: GOOD; q=0.7, rtt=103, rtx=0, c=28, mss=1232, tbw=10685, tp=21, tpl=0, uplat=1586, ullat=0
x-fb-debug: FRSXzXbqxoT6OF4y7WkE/nFrFiT7HZaJS1inxOoycaWv9Wg6pN7sT85O4t1kIDiWFoIsMWDzPoR6Pr0WKDijbQ==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 26 May 2025 20:50:50 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550
origin-agent-cluster: ?1
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0"
strict-transport-security: max-age=15552000; preload
x-fb-connection-quality: GOOD; q=0.7, rtt=103, rtx=0, c=27, mss=1232, tbw=9981, tp=19, tpl=0, uplat=206, ullat=0
x-fb-debug: R3vesCRz4z4+F++RlJHORENBshGanLtAoklWzZPT0lCeQltAcfWChNKKLW0SZk1+fO0yIUmPv1dtOHhGDFVWvQ==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
109 B 61ms
61ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=trecs-2209-sccarousel-nebula-adjustments_ctrl&pub=eastleighvoice
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private,max-age=14400
retry-after: 0
x-timer: S1748292650.926892,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 3
date: Mon, 26 May 2025 20:50:49 GMT
content-type: text/html
x-served-by: cache-per12627-PER
server: Varnish
x-cache-hits: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
744 B 801ms
246ms Script
text/javascript 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: private, max-age=3600
content-encoding: gzip
server-processing-duration-in-ticks: 424534
expires: 60
date: Mon, 26 May 2025 20:50:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 204 / Show response
beacon.taboola.com/ 0
161 B 201ms
62ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs-2209-sccarousel-nebula-adjustments_ctrl&pub=eastleighvoice&trecsImpl=before&start=0&end=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1748292650.209070,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-cache: HIT
date: Mon, 26 May 2025 20:50:50 GMT
content-type
x-served-by: cache-per12627-PER
server: Varnish
x-cache-hits: 0

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 308ms
273ms Stylesheet
text/css 74.125.137.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.137.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

dy-in-f84.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iTICNMpoUUcjjjrHCmNmsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-iTICNMpoUUcjjjrHCmNmsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 26 May 2025 20:50:50 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 button
accounts.google.com/gsi/ Frame 73F7 0
0 631ms
286ms Document
text/html 172.253.118.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=signin_with&shape=rectangular&logo_alignment=left&is_fedcm_supported=true&client_id=481326698458-mcrfe6h7clrbbko95p9btt573bii4feq.apps.googleusercontent.com&iframe_id=gsi_650126_394211&cas=9Ndy4PjhfHpu5n%2FjNgejp%2BJJD1Ai6BuOLQbMq%2FM3%2FrA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f84.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xs-3qpIdRdV61a75JKiJZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xs-3qpIdRdV61a75JKiJZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Mon, 26 May 2025 20:50:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1005654510/ 42 B
64 B 217ms
200ms Image
image/gif 142.250.67.4
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005654510/?random=1748292649033&cv=11&fst=1748289600000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DBashir%20Mbuthia&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzpHtVG_fLa9ImYdnZPXecEsH1HpRpTA&random=1822748996&rmt_tld=0&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1005654510/ 42 B
64 B 266ms
256ms Image
image/gif 142.250.72.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1005654510/?random=1748292649033&cv=11&fst=1748289600000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DBashir%20Mbuthia&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzpHtVG_fLa9ImYdnZPXecEsH1HpRpTA&random=1822748996&rmt_tld=1&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/1005654510/ 42 B
64 B 209ms
199ms Image
image/gif 142.250.67.4
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005654510/?random=1748292648909&cv=11&fst=1748289600000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzXRzY1maeXwQeFzQHa1AJDLItS86OLg&random=784499692&rmt_tld=0&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1005654510/ 42 B
64 B 264ms
255ms Image
image/gif 142.250.72.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1005654510/?random=1748292648909&cv=11&fst=1748289600000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&npa=0&pscdl=noapi&auid=2102401855.1748292649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzXRzY1maeXwQeFzQHa1AJDLItS86OLg&random=784499692&rmt_tld=1&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 json Show response
trc.taboola.com/eastleighvoice/trc/3/ 38 KB
11 KB 511ms
493ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://trc.taboola.com/eastleighvoice/trc/3/json?llvl=2&tim=04%3A50%3A50.026&lti=trecs-2209-sccarousel-nebula-adjustments_ctrl&pubit=i&t=1&data=%7B%22id%22%3A%2271830%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1748292650027%2C%22cv%22%3A%2220250522-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fnews.google.com%2F%22%2C%22bu%22%3A%22https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims%22%2C%22vpi%22%3A%22%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10875%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs-2209-sccarousel-nebula-adjustments_ctrl%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22cd%22%3A10551.16%2C%22mw%22%3A1600%7D%5D%2C%22pev%22%3A%2225467%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1747933656394%2C%22wc%22%3Atrue%7D&tbu=3c220b70-fff3-4b72-badf-89af07b18078
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b8a358e7d18c80b971d4fd87a77da65951ac60bd62216a76076be7a04ee9c3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Mon, 26 May 2025 20:50:50 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-per12627-PER
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 80427
x-timer: S1748292650.346050,VS0,VE437
x-vcl-time-ms: 437
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.6897916666666667
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-service-version: v1
server: nginx

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame 1F7B 8 KB
4 KB 339ms
113ms Document
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 10859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 17:49:51 GMT
etag: 7658452531946828944
expires: Mon, 09 Jun 2025 17:49:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15A4 41 KB
2 KB 334ms
274ms Document
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701068765942733&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748292650&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.1&aiapmi=0.16&aiact=0.65&aicct=0.7&ailct=0.5848985667413091&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748292649165&bpp=93&bdt=2903&idt=1166&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8160023281053&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95331833%2C95353387%2C95361618%2C95360959&oid=2&pvsid=3433475745281946&tmod=1707523106&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fnews.google.com%2F&fc=1920&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1376

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e5d6272b39ba6ac3d0ad3eb9a7d81b1bba4aa88bec6e58b6aafc20b8019968e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1770
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:50 GMT
expires: Mon, 26 May 2025 20:50:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame E4AF 102 KB
28 KB 485ms
240ms Document
text/html 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

sffe /

Resource Hash

56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:24:14 GMT
expires: Mon, 26 May 2025 21:14:14 GMT
last-modified: Mon, 19 May 2025 19:44:47 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 382 B
626 B 65ms
62ms Script
application/javascript 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9ae1fa0d1fc51ee0ad3feb565083bee200289c71bb346020f9b3d80cf73636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"17e-goBKDsAq4SrgyL37A4bNh/aMb7I"
age: 11816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAw7XKhJ3lMUKj%2FT3dzcZl%2B3oBORcLsZC2bHiC8mXyi3D94T7Cc5Vh8QjFO1BiI7UM1upeyR4XOpPTJdogH9o352ceOAag%2BHm2QVxNfOGX5oSbBKWBVsGEKAlW4KCFXneQ8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Mon, 26 May 2025 20:50:50 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230168-FRA, cache-lga21981-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946025ac7e2387b6-PER
accept-ranges: bytes
access-control-allow-origin: *
content-length: 237
server: cloudflare
x-jsd-version: master

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 1399ms
683ms Script
text/javascript 74.119.117.47
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"67ece34f-a612"
cross-origin-resource-policy: cross-origin
expires: Tue, 27 May 2025 20:50:52 GMT
access-control-allow-origin: *
date: Mon, 26 May 2025 20:50:52 GMT
content-type: text/javascript
last-modified: Wed, 02 Apr 2025 07:12:15 GMT
server: nginx

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 414ms
129ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 238010
x-goog-stored-content-encoding: gzip
expires: Sun, 24 May 2026 02:44:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Sat, 24 May 2025 02:44:01 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AAO2VwrOJG98WrFOtalXxS98WwwSrSt5r_zbkeiopuGYyq4zUiwhZqbMSen4hLrqNypTBTYTFZOq0YU
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 278ms
67ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"678fc4ec-4599"
age: 329359
cf-ray: 946025adce978653-PER
expires: Thu, 29 May 2025 20:50:51 GMT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: application/javascript
last-modified: Tue, 21 Jan 2025 16:01:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 498ms
198ms Script
text/javascript 108.158.32.75
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-75.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 7843
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: UtpEmFTQQsphsKda9EjUwkD1exABK0U8D4S_Bx4ZT1izslu9jJdVlA==
date: Mon, 26 May 2025 18:47:42 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 3 KB
3 KB 711ms
443ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: 861bdaf24bda5c0db45c6ebe1c94a9eb
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2729
date: Mon, 26 May 2025 20:50:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 05 Feb 2025 14:45:21 GMT
server: Google Frontend
x-cloud-trace-context: d8498e6ccaa8089f6d6d391bbaa0a717

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 633ms
188ms Script
application/javascript 108.158.32.47
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-47.syd3.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: "faa388a163b1b6d0377ee77a861591e5"
age: 3314
x-cache: Hit from cloudfront
x-amz-cf-id: KnNV41mrT7vR_NNeWyq64kPNZFJyxqX32Oir-4-vJf2xZvI6IY2PCg==
date: Mon, 26 May 2025 19:55:38 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 18:18:45 GMT
x-amz-expiration: expiry-date="Mon, 23 Apr 2029 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
content-security-policy: default-src 'self'
cache-control: max-age=3600
via: 1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8729
x-amz-cf-pop: SYD3-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 106 KB
31 KB 269ms
59ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1eaab8c8682f4c3cea300b40aa92a09eefb78c126d2b73299cb92dd95c533c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-amz-id-2: u3JLRrId89tk0gL0Yf8/o4OzUz/HKvGn2DTkMjhZYokjNo9/Pn2JH8ac2vbuzHet722YxXxa8nw=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"065ae1c35c8d315731ab9d3a0825dbe2"
age: 1073
x-amz-request-id: 4BWAR9CNJWBEG09D
cf-ray: 946025adffe78659-PER
date: Mon, 26 May 2025 20:50:51 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 02 May 2025 06:44:22 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 835ms
319ms Script
text/javascript 18.244.49.108
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.49.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-49-108.cgk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-amz-version-id: suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag: "e264379414c85b18fe5fb338ed4823f8"
Age: 75980
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: HydMCqMRH2syzRhCi1Up-a43BzKVfTF4NxFivXHQt4tJh4IFPAwg4g==
Date: Sun, 25 May 2025 23:44:32 GMT
Content-Type: text/javascript
Last-Modified: Wed, 11 Dec 2024 19:25:11 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Via: 1.1 6368cd1aacab02efe13a60959eb175de.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 3117
X-Amz-Cf-Pop: CGK50-P4
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
28 KB 686ms
685ms Fetch
text/plain 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3433475745281946&correlator=1605359713907750&eid=31090591%2C31092255%2C95353385%2C83321073&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199029867%2Cleader_board_responsive%2Cev_in_article%2Cout_of_page_1x1%2Cev_billboard_all_pages&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C1x1%2C728x90%7C300x250&ifi=2&didk=3748836145~1724456618~2277417631~2962633546&dids=div-gpt-ad-1738677082135-0~div-gpt-ad-1738758887412-0~div-gpt-ad-1740060230706-0~div-gpt-ad-1747682240556-0&adfs=~3257371666~2323068584~2657425195&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1748292650959&lmt=1748292650&adxs=-9%2C245%2C0%2C436&adys=-9%2C2168%2C10915%2C70&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=0x-1%7C729x2135%7C1600x10915%7C1600x90&msz=0x-1%7C729x10%7C1600x0%7C728x90&fws=2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748292646262&idt=4540&adks=1559625477%2C1399057667%2C1401498077%2C3025464984&frm=20&eoidce=1&td=1&egid=19912&tan=63bc2c9a-2d77-4900-b778-1742a7f10490%2C63bc2c9a-2d77-4900-b778-1742a7f10491%2C63bc2c9a-2d77-4900-b778-1742a7f10492%2C63bc2c9a-2d77-4900-b778-1742a7f10493&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

13024f25dbadd93ff00508fd70e64f7c0ff7f61e5f5e971dc07e9d00520ad7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
google-lineitem-id: -2,6912048465,-2,6998360110
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 20:50:51 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2,138506505410,-2,138517573035
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 29042
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
26 KB 687ms
676ms Fetch
text/plain 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

64f4daca5f56a31f51a54e054df825b8d6a53d0812aeaa7ca1afba2e941b4566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
google-lineitem-id: 6998360110
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 20:50:51 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138517754720
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 26704
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame ECE0 7 KB
3 KB 474ms
195ms Document
text/html 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:51 GMT
expires: Mon, 26 May 2025 20:50:51 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 55 KB
18 KB 234ms
232ms Script
text/javascript 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1bf1f03b1032c3915a6690cd36b0ba29edd8feefd6169c3b6bf2f24a9fdef64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5677221328009611342
age: 22564
x-content-type-options: nosniff
expires: Tue, 26 May 2026 14:34:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 14:34:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 18525
x-xss-protection: 0
server: cafe

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 212ms
58ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age: 640
x-cache: HIT
date: Mon, 26 May 2025 20:50:51 GMT
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
x-served-by: cache-per12623-PER
x-cache-hits: 6149
content-type: application/javascript
x-amz-id-2: GEOwi9mRR9vPMd3+9gpLZzf1veOOY5fue/dRAfmcDP7SN+/DQyG1J+haLe/YIVKzpm7xoh1FtQrOYfAYGR3v+ZpJkJrfyomu
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private, max-age=3600
x-timer: S1748292651.311959,VS0,VE0
via: 1.1 varnish
x-amz-request-id: ABN51QEQHTV18QW3
accept-ranges: bytes
access-control-allow-origin: *
abp: 67
content-length: 1347
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 206ms
57ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age: 8675
x-cache: HIT
date: Mon, 26 May 2025 20:50:51 GMT
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
x-served-by: cache-per12623-PER
x-cache-hits: 2390
content-type: application/javascript
x-amz-id-2: S5CwaronJelQAjEEGZI/aI6QMG4/1DPrZWXC5XIHSgn6MG8msEz8Bf/cjrY1IXWUDofgvUsWQyc=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1748292651.311948,VS0,VE0
via: 1.1 varnish
x-amz-request-id: RVQQR97S4P4G4WTA
accept-ranges: bytes
access-control-allow-origin: *
abp: 68
content-length: 6467
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
364 B 206ms
57ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
age: 18156
x-cache: HIT
date: Mon, 26 May 2025 20:50:51 GMT
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
x-served-by: cache-per12623-PER
x-cache-hits: 4886
content-type: application/javascript
x-amz-id-2: mRB8o42cR97kKO/5HPoK84KTiF3GwGGd8gnsP3PPC5XtThYUQFvfAaftB+TOkRtIn8PkUnEJlow=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1748292651.311935,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 8W0B1VHAAFR6MMPT
accept-ranges: bytes
access-control-allow-origin: *
abp: 84
content-length: 125
server: AmazonS3

GET
H2 200 1444415096__MWezuYiA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 51 KB
52 KB 75ms
51ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1444415096__MWezuYiA.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7cc3060943bf2005229356db602bca7d008c6f8e13d4c6c14bf0866f6ed15f00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1444415096__MWezuYiA.jpg
etag: "041c91935894871d89403201b86a4ec3"
surrogate-reporting: width=620,height=517,bytes=71550,format="jpg",owidth=2120,oheight=1414,obytes=1769582,oformat="jpg",crt=1744348162,ocrt=1743296510,ef=(1,13,17,23,30)
cache-tag: 414271902000956237108087070059614559816,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
age: 1748113
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Fri, 11 Apr 2025 05:09:23 GMT
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kiad7000121-IAD, cache-nyc-kteb1890022-NYC, cache-iad-kiad7000044-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 11, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 414271902000956237108087070059614559816,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 294
x-timer: S1748292651.377320,VS0,VE1
x-orig-request-id: d4ae5cb1ba5939b9af7850d993abe569
x-ratelimit-reset: 1
expiration: expiry-date="Mon, 12 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.wunderground.com/
content-length: 51922
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Abduda-Dida.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 19 KB
20 KB 326ms
301ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c56433b01c5d7a212744d09a96f601232a5f9a34147c927997d9cdffd6cfb097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: a16311140dbb580f4ac3b31824932169
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
etag: "5d2db564a1b9c30897a2b31842fea5e0"
surrogate-reporting: width=666,height=555,bytes=30825,format="jpg",owidth=1132,oheight=555,obytes=84794,oformat="jpg",crt=1745471467,ocrt=1745470224,ef=(1,13,17,23,30)
cache-tag: 467334307013777040117166756857754632438,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 2821184
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 04:50:25 GMT
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kiad7000034-IAD, cache-iad-kiad7000044-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 61, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 467334307013777040117166756857754632438,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 204
x-timer: S1748292651.377324,VS0,VE251
x-orig-request-id: c368ec1b0c8c8e5da769c6be2374d469
x-ratelimit-reset: 1
x-vcl-time-ms: 251
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 19574
x-ratelimit-limit: 101
server: nginx

GET
H2 200 8e17905d1b44ba215de32604e4aadba7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 67 KB
68 KB 341ms
317ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e17905d1b44ba215de32604e4aadba7.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 825535f6086afe68efe2645368cbea451b61a64f3a2b6b85322f2c2c74e968cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 9faa1033f36e9f66fc6cac7a6847d743
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e17905d1b44ba215de32604e4aadba7.jpeg
etag: "900e7ddcafea1e660bb7cf156d59cbf8"
surrogate-reporting: width=753,height=628,bytes=103567,format="jpg",owidth=1200,oheight=628,obytes=374025,oformat="jpg",crt=1747383336,ocrt=1746530955,ef=(1,13,17,23,30)
cache-tag: 588269088632230559830852696112543317410,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 909315
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Wed, 14 May 2025 14:26:56 GMT
x-served-by: cache-iad-kcgs7200034-IAD, cache-iad-kcgs7200034-IAD, cache-lga21962-LGA, cache-iad-kcgs7200162-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 37, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 588269088632230559830852696112543317410,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 235
x-timer: S1748292651.376759,VS0,VE267
x-orig-request-id: 0c4b4eb4450f47eafc8ad444c6ed851a
x-ratelimit-reset: 1
x-vcl-time-ms: 267
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://pulsetasmania.com.au/
content-length: 68754
x-ratelimit-limit: 101
server: nginx

GET
H2 200 GoBpfyoX0AAjRvG.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 14 KB
15 KB 326ms
302ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b32251772776634bd41259d6845b2251150a7e22d279acca91108a105d7d9b50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
etag: "97283a07f5efd6db343bb7c44ef5083a"
surrogate-reporting: width=845,height=705,bytes=53151,format="jpg",owidth=957,oheight=705,obytes=52222,oformat="jpg",crt=1744172130,ocrt=1744159095,ef=(1,13,17,23,30)
cache-tag: 301241422589470688683582359966307351581,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 1893550
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Wed, 09 Apr 2025 04:15:31 GMT
x-served-by: cache-iad-kjyo7100130-IAD, cache-iad-kjyo7100130-IAD, cache-bur-kbur8200143-BUR, cache-iad-kiad7000177-IAD, cache-per12627-PER
x-cache-hits: 0, 6, 0, 29, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 301241422589470688683582359966307351581,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 736
x-timer: S1748292651.377320,VS0,VE253
x-orig-request-id: cd2ddbd41295c5149439ae94c0f309f3
x-ratelimit-reset: 1
expiration: expiry-date="Sat, 10 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 253
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 14830
x-ratelimit-limit: 101
server: nginx

GET
H2 200 98669034__ebiOoSPv.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/ 19 KB
19 KB 340ms
340ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/98669034__ebiOoSPv.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d6f840179b6bc59aa20eb0a3c932a9caad8a08658d46565461e04dd0f6e4fe9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 83751ca5020668739a055d8000bdbd86
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/98669034__ebiOoSPv.jpg
etag: "4d39dd9726dc32c43737bb9f0591c377"
surrogate-reporting: width=620,height=517,bytes=33431,format="jpg",owidth=2121,oheight=1414,obytes=1291781,oformat="jpg",crt=1746382000,ocrt=1746307970,ef=(1,13,17,23,30)
cache-tag: 459724722440427909795975009395285590132,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
age: 1910651
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Sat, 03 May 2025 21:32:51 GMT
x-served-by: cache-iad-kcgs7200121-IAD, cache-iad-kcgs7200121-IAD, cache-lga21969-LGA, cache-iad-kjyo7100172-IAD, cache-per12627-PER
x-cache-hits: 0, 1, 0, 15, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 459724722440427909795975009395285590132,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 69
x-timer: S1748292651.382802,VS0,VE280
x-orig-request-id: 270fff2f65f27a9c713dda98022c468d
x-ratelimit-reset: 1
x-vcl-time-ms: 280
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://footballitarin.com/
content-length: 18986
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Gr4m2fcXMAA9UsP-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 73 KB
74 KB 921ms
920ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3363b12bb54df1197afae930727f2ae82b4fe80e75f4d78bdf7c7eaf8566fd9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: ffc8bf20f495b9d2266833c2535dabcb
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg
etag: "328c235502d1fa31af09ce71c3a7b7c1"
surrogate-reporting: width=623,height=520,bytes=87703,format="jpg",owidth=800,oheight=520,obytes=184470,oformat="jpg",crt=1748286329,ocrt=1748284920,ef=(1,13,17,23,30)
cache-tag: 392003043910711536769980360051125470294,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 6322
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, MISS
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Mon, 26 May 2025 18:42:01 GMT
x-served-by: cache-iad-kjyo7100144-IAD, cache-iad-kjyo7100144-IAD, cache-bur-kbur8200064-BUR, cache-iad-kiad7000133-IAD, cache-per12627-PER
x-cache-hits: 0, 2, 0, 0, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 392003043910711536769980360051125470294,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 517
x-timer: S1748292651.472826,VS0,VE871
x-orig-request-id: 449a7dd734f0e5c05e4a02262e01d72c
x-ratelimit-reset: 1
x-vcl-time-ms: 871
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 74712
x-ratelimit-limit: 101
server: nginx

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
132 B 797ms
140ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs-2209-sccarousel-nebula-adjustments_ctrl&tvi48=-48&tvi50=11108&tim=04%3A50%3A51.129&id=34790&cv=20250522-24-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 46648
date: Mon, 26 May 2025 20:50:52 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 171ms
166ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs-2209-sccarousel-nebula-adjustments_ctrl&tvi48=-48&tvi50=11108&tim=04%3A50%3A51.130&id=31922&cv=20250522-24-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 52490
date: Mon, 26 May 2025 20:50:52 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 supply-feature
sg-trc-events.taboola.com/eastleighvoice/log/3/ 0
523 B 171ms
167ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/3/supply-feature?lti=trecs-2209-sccarousel-nebula-adjustments_ctrl&ri=5d21397a084401734cd88f2f2bd073fd&sd=v2_5d453594c8eaee4776fa5665468b66d3_e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa_1748292650_1748292650_CLaXrwEQr_NmGKuI8_LwMiABKAEwEDiu_QZA9oUQSODA1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa&pi=%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&wi=138166648739386155&pt=text&vi=1748292650027&tim=04%3A50%3A51.140&id=42668&llvl=2&cv=20250522-24-RELEASE&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 26 May 2025 20:50:52 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

GET
H2 200 Abduda-Dida.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 2 KB
3 KB 305ms
304ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 93cfceb9814fd5ab989049bef9838061d1e2448453093a95ea179709ee89eb75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 7370f30e5fd7043bcb3b816666de5a61
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
etag: "2d10e0fb855bff1d6295325e50f05df1"
surrogate-reporting: width=100,height=50,bytes=3014,format="jpg",owidth=1132,oheight=555,obytes=84794,oformat="jpg",crt=1745471095,ocrt=1745470224,ef=(1,13,17,23,30)
cache-tag: 467334307013777040117166756857754632438,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 2821556
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 04:50:25 GMT
x-served-by: cache-iad-kiad7000143-IAD, cache-iad-kiad7000143-IAD, cache-nyc-kteb1890071-NYC, cache-iad-kcgs7200067-IAD, cache-per12627-PER
x-cache-hits: 0, 2, 0, 3503, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 467334307013777040117166756857754632438,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 188
x-timer: S1748292652.636721,VS0,VE257
x-orig-request-id: c368ec1b0c8c8e5da769c6be2374d469
x-ratelimit-reset: 1
x-vcl-time-ms: 257
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 1838
x-ratelimit-limit: 101
server: nginx

GET
H2 200 GoBpfyoX0AAjRvG.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 1 KB
2 KB 97ms
96ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c96857083ddc556582862f666dee1d2f385dc810a2bb1681de53d35fe85f41f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: d4bc89d6bcd5e41f507fd1c3a46865be
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
etag: "95511953f69ed379e4af6706eda5f8dc"
surrogate-reporting: width=100,height=50,bytes=1473,format="jpg",owidth=957,oheight=705,obytes=52222,oformat="jpg",crt=1744165616,ocrt=1744159095,ef=(1,13,17,23,30)
cache-tag: 301241422589470688683582359966307351581,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 4127035
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Wed, 09 Apr 2025 00:38:16 GMT
x-served-by: cache-iad-kiad7000091-IAD, cache-iad-kiad7000091-IAD, cache-bur-kbur8200119-BUR, cache-iad-kcgs7200064-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 4326, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 301241422589470688683582359966307351581,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1086
x-timer: S1748292652.681747,VS0,VE1
x-orig-request-id: cd2ddbd41295c5149439ae94c0f309f3
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 1040
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Gr4m2fcXMAA9UsP-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
3 KB 313ms
307ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2fd059098e52e1092d6a5fe03ba4aa5e6d2d8f2cf48a3cf1dcaf73888432ad38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 449a7dd734f0e5c05e4a02262e01d72c
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg
etag: "d5f6618afa9b71f635427396ab1c1a5b"
surrogate-reporting: width=100,height=50,bytes=3613,format="jpg",owidth=800,oheight=520,obytes=184470,oformat="jpg",crt=1748284921,ocrt=1748284920,ef=(1,13,17,23,30)
cache-tag: 392003043910711536769980360051125470294,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 7731
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Mon, 26 May 2025 18:42:02 GMT
x-served-by: cache-iad-kiad7000086-IAD, cache-iad-kiad7000086-IAD, cache-bur-kbur8200104-BUR, cache-iad-kjyo7100093-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 30, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 392003043910711536769980360051125470294,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 702
x-timer: S1748292652.703322,VS0,VE248
x-vcl-time-ms: 248
x-ratelimit-reset: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 2376
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Gjvw7KbXAAA8yHr.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/ 2 KB
3 KB 54ms
53ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Gjvw7KbXAAA8yHr.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9db1d1c06b354247e2ece4380dbe155e43e7727ab219babf30a0f315bc43e29c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 1a422bb992abce24b8637854876b839d
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Gjvw7KbXAAA8yHr.jpg
etag: "031d6a2bf9b14a6297f862e9ff0750fa"
surrogate-reporting: width=100,height=50,bytes=4050,format="jpg",owidth=1600,oheight=1064,obytes=364449,oformat="jpg",crt=1746314715,ocrt=1745090150,ef=(1,13,17,23,30)
cache-tag: 449579742767383387442147203639398694691,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 1977936
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Sat, 19 Apr 2025 19:15:51 GMT
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kiad7000178-IAD, cache-iad-kjyo7100069-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 575, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 449579742767383387442147203639398694691,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 66
x-timer: S1748292652.724110,VS0,VE1
x-orig-request-id: cc0687443807104393c88d01284e1032
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 2376
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Agather-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
3 KB 332ms
332ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Agather-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e021cf3ee08b725c23a465eda2a33b3f7c8797b9feaaa193dc432fe43f166163

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 104b4e94498af3159be36b4d28213569
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Agather-1.jpg
etag: "874e9c426c39e496bc6e9d1ee5c05a1c"
surrogate-reporting: width=100,height=50,bytes=2072,format="jpg",owidth=534,oheight=361,obytes=26401,oformat="jpg",crt=1748109759,ocrt=1748109717,ef=(1,13,17,23,30)
cache-tag: 628576854059927373854249909714521930233,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 182892
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Sat, 24 May 2025 18:01:58 GMT
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kiad7000146-IAD, cache-mad22033-MAD, cache-iad-kiad7000160-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 169, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 628576854059927373854249909714521930233,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 428
x-timer: S1748292652.730388,VS0,VE252
x-orig-request-id: 6d0117069244d7f52ea5c6c4c7ba422c
x-ratelimit-reset: 1
x-vcl-time-ms: 252
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 1756
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1444415096__MWezuYiA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 5 KB
6 KB 89ms
89ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1444415096__MWezuYiA.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc7a1bc28ca158c9578bc5edf3627755aeda0e2e80b61b078129cbd5ff4dbdb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1444415096__MWezuYiA.jpg
etag: "87f55cc838b754cff9aa08764d539b4d"
surrogate-reporting: width=100,height=50,bytes=7398,format="jpg",owidth=2120,oheight=1414,obytes=1769582,oformat="jpg",crt=1744750749,ocrt=1743296510,ef=(1,13,17,23,30)
cache-tag: 414271902000956237108087070059614559816,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 2500326
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 20:59:10 GMT
x-served-by: cache-iad-kiad7000025-IAD, cache-iad-kiad7000025-IAD, cache-bur-kbur8200171-BUR, cache-iad-kcgs7200059-IAD, cache-per12627-PER
x-cache-hits: 0, 1, 0, 78, 4
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 414271902000956237108087070059614559816,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 72
x-timer: S1748292652.779167,VS0,VE0
x-orig-request-id: d4ae5cb1ba5939b9af7850d993abe569
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 16 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 0
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.zerohanger.com/from-the-forklift-to-the-big-time-mature-aged-swans-journey-to-the-afl-160260/
content-length: 5594
x-ratelimit-limit: 101
server: nginx

GET
H2 200 8e17905d1b44ba215de32604e4aadba7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 49ms
49ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e17905d1b44ba215de32604e4aadba7.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1458b72649136a763345013072eb3514cc23cded56be7db13b180b0c817b25d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: c06d4368b8f5027814c1fe550ad7c761
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e17905d1b44ba215de32604e4aadba7.jpeg
etag: "8ea7daabe7c38c2a97566ad76e72bfba"
surrogate-reporting: width=100,height=50,bytes=4529,format="jpg",owidth=1200,oheight=628,obytes=374025,oformat="jpg",crt=1747383064,ocrt=1746530955,ef=(1,13,17,23,30)
cache-tag: 588269088632230559830852696112543317410,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 909587
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Wed, 14 May 2025 14:26:56 GMT
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kiad7000096-IAD, cache-iad-kiad7000055-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 2, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 588269088632230559830852696112543317410,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 49
x-timer: S1748292652.820215,VS0,VE1
x-orig-request-id: 0c4b4eb4450f47eafc8ad444c6ed851a
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.lefigaro.fr/
content-length: 2724
x-ratelimit-limit: 101
server: nginx

GET
H2

200

pixel-taboola
www.temu.com/api/adx/cm/ Frame DBBA
Redirect Chain

https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
https://www.temu.com/api/adx/cm/pixel-taboola?id=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa

0
497 B

524ms
316ms

Image
text/plain

151.101.194.58
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://www.temu.com/api/adx/cm/pixel-taboola?id=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Server

151.101.194.58 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS
date: Mon, 26 May 2025 20:50:52 GMT
x-served-by: cache-per12623-PER
x-cache-hits: 0
vary: accept-encoding
strict-transport-security: max-age=31536000
yak-timeinfo: 1748292652770|4
x-timer: S1748292653.646167,VS0,VE263
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
via: 1.1 varnish
x-gateway-request-id: 1748292652770-c3017428b89f85e692b7ebf709de71d7-20
accept-ranges: none
cip: 103.108.231.244
server: nginx

Redirect headers

x-fastly-to-nlb-rtt: 46640
location: https://www.temu.com/api/adx/cm/pixel-taboola?id=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa
date: Mon, 26 May 2025 20:50:52 GMT
server: nginx
access-control-allow-credentials: true

GET
H2

200

bounce
ib.adnxs.com/ Frame DBBA
Redirect Chain

https://ib.adnxs.com/setuid?entity=584&code=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3De9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa%26gdpr%3D0%26gdpr_consent%3D

43 B
1 KB

362ms
354ms

Image
image/gif

103.43.91.210
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3De9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa%26gdpr%3D0%26gdpr_consent%3D

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Server

103.43.91.210 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.244; 103.108.231.244; 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 5d4bd18b-d928-4df4-9e6e-9d3c876cb68e
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3De9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa%26gdpr%3D0%26gdpr_consent%3D
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 103.108.231.244; 103.108.231.244; 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: a403472a-2cf4-4281-9cc2-0c88c3059937
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 captain.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 2 KB
3 KB 312ms
311ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/captain.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3698ce126bb838c3e38999d169d530fa3f153785168a15253c0685f8b7ccce14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 5f081fb25cd2e5078d7ae3711e392b93
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/captain.jpg
etag: "bb78ffd8a2b9bbfc90e95aa9cba1b179"
surrogate-reporting: width=100,height=50,bytes=3368,format="jpg",owidth=485,oheight=272,obytes=24279,oformat="jpg",crt=1746509326,ocrt=1745460824,ef=(1,13,17,23,30)
cache-tag: 468884317442750716108183213958918409938,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 1783325
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 02:13:45 GMT
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200174-IAD, cache-bur-kbur8200030-BUR, cache-iad-kiad7000092-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 3324, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 468884317442750716108183213958918409938,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 740
x-timer: S1748292652.872529,VS0,VE253
x-orig-request-id: ab86dc81c1fb9b56bc27691a796f7845
x-ratelimit-reset: 1
x-vcl-time-ms: 253
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 2186
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Chebukati-funeral-2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 3 KB
4 KB 50ms
50ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/Chebukati-funeral-2.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a38476dcbd8462d7d445bf05b9c97256b865a86f847fbf3fbf543b6f07f06b5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/Chebukati-funeral-2.jpg
etag: "1125eca37d50ff195a11e57cba64ff1c"
surrogate-reporting: width=100,height=50,bytes=4929,format="jpg",owidth=1038,oheight=522,obytes=218355,oformat="jpg",crt=1744692748,ocrt=1744157355,ef=(1,13,17,23,30)
cache-tag: 486428810234314599026743641166389146595,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 1336016
x-cache: Miss from cloudfront, HIT, HIT, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 04:52:29 GMT
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kiad7000025-IAD, cache-iad-kcgs7200097-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 1041, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 486428810234314599026743641166389146595,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 182
x-timer: S1748292652.924041,VS0,VE1
x-orig-request-id: f7175eb587e39ff0e303d0b28e67e5af
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 16 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 2656
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Grkk68ZW4AAgJYd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 3 KB
4 KB 301ms
301ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Grkk68ZW4AAgJYd.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ebe618469d4216b66fbb4b321f61b464a4c53b41ff239858373bd8345f3a6103

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: fffee45e8332a8912e2aaab5bf0efc57
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Grkk68ZW4AAgJYd.jpg
etag: "a2c7921335fd2b1e412fbd7be1379121"
surrogate-reporting: width=100,height=50,bytes=5287,format="jpg",owidth=1080,oheight=720,obytes=81014,oformat="jpg",crt=1748285908,ocrt=1748278490,ef=(1,13,17,23,30)
cache-tag: 517930942050544172569228025826143639482,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 6743
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Mon, 26 May 2025 16:54:51 GMT
x-served-by: cache-iad-kjyo7100059-IAD, cache-iad-kjyo7100059-IAD, cache-toj-leto2350055-TOJ, cache-iad-kiad7000035-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 4, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 517930942050544172569228025826143639482,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 837
x-timer: S1748292652.972847,VS0,VE252
x-orig-request-id: 3d54da889a3d074a42998b3ab3545ace
x-ratelimit-reset: 1
x-vcl-time-ms: 252
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 3158
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Screenshot-2025-05-06-114321.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
3 KB 64ms
64ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Screenshot-2025-05-06-114321.png
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aa64a4aec31e212ad343ac21d26c41924c81dc63ca30b05a8c53eb2756cb9b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Screenshot-2025-05-06-114321.png
etag: "b5adb73131d06e919467928e4c57904d"
surrogate-reporting: width=100,height=50,bytes=3542,format="jpg",owidth=517,oheight=279,obytes=245991,oformat="png",crt=1746523950,ocrt=1746523949,ef=(1,13,17,23,30)
cache-tag: 303008268078755281873377062085778044803,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 972966
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Tue, 06 May 2025 09:32:31 GMT
x-served-by: cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100129-IAD, cache-mad22049-MAD, cache-iad-kiad7000055-IAD, cache-per12627-PER
x-cache-hits: 0, 2, 0, 56, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 303008268078755281873377062085778044803,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 887
x-timer: S1748292652.010901,VS0,VE1
x-orig-request-id: e2ac9566fe5dd8a7f05316be99abfa85
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 06 Jun 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 2062
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Kasipul-MP-car.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
3 KB 310ms
309ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Kasipul-MP-car.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7518700726118d28b761ee21f048edd1b766b60e6961a1d3c2f2896e727e96d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Kasipul-MP-car.jpg
etag: "d6cc782b2359cf95d6621d8e1c586dd0"
surrogate-reporting: width=100,height=50,bytes=3308,format="jpg",owidth=1216,oheight=550,obytes=117449,oformat="jpg",crt=1746168496,ocrt=1746168495,ef=(1,13,17,23,30)
cache-tag: 334160422746574069990068649680216230860,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 567293
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Fri, 02 May 2025 06:48:17 GMT
x-served-by: cache-iad-kjyo7100121-IAD, cache-iad-kjyo7100121-IAD, cache-nyc-kteb1890033-NYC, cache-iad-kjyo7100098-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 771, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 334160422746574069990068649680216230860,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 188
x-timer: S1748292652.022809,VS0,VE255
x-orig-request-id: cf8dee2dc3e2d10707f0c02e80df3d10
x-ratelimit-reset: 1
expiration: expiry-date="Mon, 02 Jun 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 255
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 1954
x-ratelimit-limit: 101
server: nginx

GET
H2 200 98669034__ebiOoSPv.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/ 2 KB
3 KB 66ms
66ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/98669034__ebiOoSPv.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98d303534aea59140aaa9d34faaf447f5bdfab66b5f9365ad2249489c9aaaf52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/98669034__ebiOoSPv.jpg
etag: "38f6e79f636bd3f58abeb412829c3f26"
surrogate-reporting: width=100,height=50,bytes=2276,format="jpg",owidth=2121,oheight=1414,obytes=1291781,oformat="jpg",crt=1744750747,ocrt=1743625526,ef=(1,13,17,23,30)
cache-tag: 459724722440427909795975009395285590132,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 2250010
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 20:59:08 GMT
x-served-by: cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100039-IAD, cache-nyc-kteb1890034-NYC, cache-iad-kiad7000076-IAD, cache-per12627-PER
x-cache-hits: 0, 3, 0, 128, 1
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 459724722440427909795975009395285590132,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 22
x-timer: S1748292652.060844,VS0,VE1
x-orig-request-id: 07edefe65898dc6c58793c1877df77af
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 16 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://theindependentamerican.net/
content-length: 1740
x-ratelimit-limit: 101
server: nginx

GET
H2 200 38da27b1d54fc9b742d43dee28c587e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 2 KB
3 KB 52ms
52ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38da27b1d54fc9b742d43dee28c587e2.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f6c2e4b522b9a454d1a0c9c58f55eadbc5978d0bc181ec3d54c5ae3c91539279

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 176d6a552d0bad1a5c6d025610acd0d7
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38da27b1d54fc9b742d43dee28c587e2.jpg
etag: "d1ee6e8c823be119dd606413bdc3f193"
surrogate-reporting: width=100,height=50,bytes=2240,format="jpg",owidth=1280,oheight=960,obytes=127403,oformat="jpg",crt=1746073033,ocrt=1744749572,ef=(1,13,17,23,30)
cache-tag: 488387583121770446899354627456163538068,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 611294
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 00:43:11 GMT
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200161-IAD, cache-mad2200139-MAD, cache-iad-kcgs7200170-IAD, cache-per12627-PER
x-cache-hits: 0, 3, 0, 28, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 488387583121770446899354627456163538068,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 394
x-timer: S1748292652.076136,VS0,VE0
x-orig-request-id: dc0ba0782762a94aeccfd3253cc7c3cc
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://vetob.com/
content-length: 1798
x-ratelimit-limit: 101
server: nginx

GET
H2 200 RUTO.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
3 KB 100ms
100ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/RUTO.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f19ea655835bd09cb706c3052aeeb6bafd4295fe3c651f1debc61e7325573e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/RUTO.jpg
etag: "cc617a1c906950d9086b121bffec2c39"
surrogate-reporting: width=100,height=50,bytes=2519,format="jpg",owidth=1600,oheight=900,obytes=103265,oformat="jpg",crt=1746379144,ocrt=1746378869,ef=(1,13,17,23,30)
cache-tag: 394822895424507153594865023778325360710,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 1343823
x-cache: Miss from cloudfront, HIT, MISS, HIT, HIT, HIT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Sun, 04 May 2025 17:19:05 GMT
x-served-by: cache-iad-kjyo7100108-IAD, cache-iad-kjyo7100108-IAD, cache-bur-kbur8200127-BUR, cache-iad-kiad7000141-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 1073, 1
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 394822895424507153594865023778325360710,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 240
x-timer: S1748292652.130086,VS0,VE1
x-orig-request-id: 3adb3078af5a39511d63464cdddd3376
x-ratelimit-reset: 1
expiration: expiry-date="Wed, 04 Jun 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 1908
x-ratelimit-limit: 101
server: nginx

GET
H2 200 FzOj2w4XwAAQ3ML-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/07/ 2 KB
3 KB 50ms
49ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/07/FzOj2w4XwAAQ3ML-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bfa155dd2fcfaa5c52b48e4b13c2c58e0cef179f2f17b2084a85705351741e15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/07/FzOj2w4XwAAQ3ML-1.jpg
etag: "7f1cec2a3de998730b5b79d76bfe7f94"
surrogate-reporting: width=100,height=50,bytes=5067,format="jpg",owidth=1600,oheight=1066,obytes=156587,oformat="jpg",crt=1745183659,ocrt=1745183658,ef=(1,13,17,23,30)
cache-tag: 552384974308362549813080246241773617028,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
age: 1001078
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Sun, 20 Apr 2025 21:14:20 GMT
x-served-by: cache-iad-kiad7000025-IAD, cache-iad-kiad7000025-IAD, cache-nyc-kteb1890064-NYC, cache-iad-kiad7000024-IAD, cache-per12627-PER
x-cache-hits: 0, 2, 0, 1207, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 552384974308362549813080246241773617028,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 76
x-timer: S1748292652.181842,VS0,VE1
x-orig-request-id: 9a06eddcd97b7c2e1419d78753b503f6
x-ratelimit-reset: 1
expiration: expiry-date="Wed, 21 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 2476
x-ratelimit-limit: 101
server: nginx

POST
H2 204 pubs-generic
trc.taboola.com/eastleighvoice/log/3/ 0
568 B 165ms
157ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://trc.taboola.com/eastleighvoice/log/3/pubs-generic?route=SG%3ASG%3AV&lti=trecs-2209-sccarousel-nebula-adjustments_ctrl&ri=a37cd4bbea0a353bb866e679db1e0973&sd=v2_5d453594c8eaee4776fa5665468b66d3_e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa_1748292650_1748292650_CLaXrwEQr_NmGKuI8_LwMiABKAEwEDiu_QZA9oUQSODA1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa&pi=%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&wi=138166648739386155&pt=text&vi=1748292650027&tim=04%3A50%3A51.571&id=27532&llvl=2&cv=20250522-24-RELEASE&d=%7B%22data%22%3A%22%5C%22%5C%22%22%2C%22type%22%3A%22recReel-available%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/gif
x-served-by: cache-per12627-PER
x-cache-hits: 0
cache-control: no-cache
x-fastly-to-nlb-rtt: 86293
pragma: no-cache
x-timer: S1748292652.281785,VS0,VE88
x-vcl-time-ms: 88
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-service-version: v1
server: nginx

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1444415096__MWezuYiA.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7cc3060943bf2005229356db602bca7d008c6f8e13d4c6c14bf0866f6ed15f00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1444415096__MWezuYiA.jpg
etag: "041c91935894871d89403201b86a4ec3"
surrogate-reporting: width=620,height=517,bytes=71550,format="jpg",owidth=2120,oheight=1414,obytes=1769582,oformat="jpg",crt=1744348162,ocrt=1743296510,ef=(1,13,17,23,30)
cache-tag: 414271902000956237108087070059614559816,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
age: 1748113
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Fri, 11 Apr 2025 05:09:23 GMT
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kiad7000121-IAD, cache-nyc-kteb1890022-NYC, cache-iad-kiad7000044-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 11, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 414271902000956237108087070059614559816,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 294
x-timer: S1748292651.377320,VS0,VE1
x-orig-request-id: d4ae5cb1ba5939b9af7850d993abe569
x-ratelimit-reset: 1
expiration: expiry-date="Mon, 12 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.wunderground.com/
content-length: 51922
x-ratelimit-limit: 101
server: nginx

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c56433b01c5d7a212744d09a96f601232a5f9a34147c927997d9cdffd6cfb097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: a16311140dbb580f4ac3b31824932169
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
etag: "5d2db564a1b9c30897a2b31842fea5e0"
surrogate-reporting: width=666,height=555,bytes=30825,format="jpg",owidth=1132,oheight=555,obytes=84794,oformat="jpg",crt=1745471467,ocrt=1745470224,ef=(1,13,17,23,30)
cache-tag: 467334307013777040117166756857754632438,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 2821184
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 04:50:25 GMT
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kiad7000034-IAD, cache-iad-kiad7000044-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 61, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 467334307013777040117166756857754632438,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 204
x-timer: S1748292651.377324,VS0,VE251
x-orig-request-id: c368ec1b0c8c8e5da769c6be2374d469
x-ratelimit-reset: 1
x-vcl-time-ms: 251
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 19574
x-ratelimit-limit: 101
server: nginx

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e17905d1b44ba215de32604e4aadba7.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 825535f6086afe68efe2645368cbea451b61a64f3a2b6b85322f2c2c74e968cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 9faa1033f36e9f66fc6cac7a6847d743
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e17905d1b44ba215de32604e4aadba7.jpeg
etag: "900e7ddcafea1e660bb7cf156d59cbf8"
surrogate-reporting: width=753,height=628,bytes=103567,format="jpg",owidth=1200,oheight=628,obytes=374025,oformat="jpg",crt=1747383336,ocrt=1746530955,ef=(1,13,17,23,30)
cache-tag: 588269088632230559830852696112543317410,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 909315
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Wed, 14 May 2025 14:26:56 GMT
x-served-by: cache-iad-kcgs7200034-IAD, cache-iad-kcgs7200034-IAD, cache-lga21962-LGA, cache-iad-kcgs7200162-IAD, cache-per12627-PER
x-cache-hits: 0, 0, 0, 37, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 588269088632230559830852696112543317410,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 235
x-timer: S1748292651.376759,VS0,VE267
x-orig-request-id: 0c4b4eb4450f47eafc8ad444c6ed851a
x-ratelimit-reset: 1
x-vcl-time-ms: 267
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://pulsetasmania.com.au/
content-length: 68754
x-ratelimit-limit: 101
server: nginx

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b32251772776634bd41259d6845b2251150a7e22d279acca91108a105d7d9b50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
etag: "97283a07f5efd6db343bb7c44ef5083a"
surrogate-reporting: width=845,height=705,bytes=53151,format="jpg",owidth=957,oheight=705,obytes=52222,oformat="jpg",crt=1744172130,ocrt=1744159095,ef=(1,13,17,23,30)
cache-tag: 301241422589470688683582359966307351581,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 1893550
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Wed, 09 Apr 2025 04:15:31 GMT
x-served-by: cache-iad-kjyo7100130-IAD, cache-iad-kjyo7100130-IAD, cache-bur-kbur8200143-BUR, cache-iad-kiad7000177-IAD, cache-per12627-PER
x-cache-hits: 0, 6, 0, 29, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 301241422589470688683582359966307351581,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 736
x-timer: S1748292651.377320,VS0,VE253
x-orig-request-id: cd2ddbd41295c5149439ae94c0f309f3
x-ratelimit-reset: 1
expiration: expiry-date="Sat, 10 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 253
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 14830
x-ratelimit-limit: 101
server: nginx

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/98669034__ebiOoSPv.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d6f840179b6bc59aa20eb0a3c932a9caad8a08658d46565461e04dd0f6e4fe9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: 83751ca5020668739a055d8000bdbd86
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/IBK/98669034__ebiOoSPv.jpg
etag: "4d39dd9726dc32c43737bb9f0591c377"
surrogate-reporting: width=620,height=517,bytes=33431,format="jpg",owidth=2121,oheight=1414,obytes=1291781,oformat="jpg",crt=1746382000,ocrt=1746307970,ef=(1,13,17,23,30)
cache-tag: 459724722440427909795975009395285590132,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
age: 1910651
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
date: Mon, 26 May 2025 20:50:51 GMT
content-type: image/webp
last-modified: Sat, 03 May 2025 21:32:51 GMT
x-served-by: cache-iad-kcgs7200121-IAD, cache-iad-kcgs7200121-IAD, cache-lga21969-LGA, cache-iad-kjyo7100172-IAD, cache-per12627-PER
x-cache-hits: 0, 1, 0, 15, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 459724722440427909795975009395285590132,425182023300668649483277822018830026203,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 69
x-timer: S1748292651.382802,VS0,VE280
x-orig-request-id: 270fff2f65f27a9c713dda98022c468d
x-ratelimit-reset: 1
x-vcl-time-ms: 280
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://footballitarin.com/
content-length: 18986
x-ratelimit-limit: 101
server: nginx

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
236 B 999ms
336ms XHR
text/plain 57.129.85.132
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.129.85.132 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3249663.ip-57-129-85.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://eastleighvoice.co.ke
date: Mon, 26 May 2025 20:50:52 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&rid=esp&cc=1

85 B
194 B

276ms
276ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&rid=esp&cc=1
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 09e7b34bf9f57665cb8f18ac431ddfe947f2025235503f9f1dfdd4392d189971

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: W/"55-1MFMBiDLNqZHo2EBRv47QGC7ZpY"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://eastleighvoice.co.ke
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://eastleighvoice.co.ke
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-powered-by: Express
vary: Origin

GET
H2 400 fed Show response
ups.analytics.yahoo.com/ups/58813/ 0
393 B 519ms
225ms XHR
application/json 183.177.68.211
YAHOO-1

General

Check archive.org

Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.177.68.211 , Hong Kong, ASN10310 (YAHOO-1, US),

Reverse DNS

e2-ha.ycpi.aue.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=31536000
age: 0
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Mon, 26 May 2025 20:50:52 GMT
content-type: application/json
vary: Origin
server: ATS

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A3A 0
0 361ms
250ms Fetch
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYHS6_3eIgFRWaXVX_0h1vrqviHhwZLFhuH8m20lkULGDnYY1nriSqW2hTkqncBf9acFmmwMB2x_APpsOKE5VT2mXQ-K4kTV-v62TuOnfl2Zm-Pz-XKZU1JInB_MBIqvzY_7ki2rgUZLUGWl7iUddo2nkdngJyjtsQ5H6vMZ9DmxxmUFfacsnfgxFH1FFOr4n41QhKyG8xtVNFneC-XA63WCA2brUAPh80FIv7X9Ii0YzNlInmSE4K74c3OEtchCUdjhek9IuZqP4tw0BxdUmP3nuwisJ0k51_6bm3SMFNTbF70qT4rjqYqBNhJOS6d0Crgs9MzrVIYirFsfs7z1lY11blxM0m_E0ghtBIZ4KHMf9lOodf3rclEam-DkbzIm7QZlD-OHyYy1jYUV8rWNIFUFVBeDJhlp0gQRzFrFZREdr7phW0vfAz8ZzxICU&sai=AMfl-YSSmhAC7XUMYhZrLO0EVWsxrXKtuGd3CTpJ44BV4NpGW6YJvYSAeF6kA0iVhu21R8cnolV5R_SFoKXrizQLLXT2mrbCVSk54UrbZPNi_610m0KWSCLjVFDHlE8&sig=Cg0ArKJSzKKad9Y_qZvzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 loader2.js Show response
scripts.yehtu.com/scripts3/ Frame 0A3A 178 KB
56 KB 754ms
193ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/loader2.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 23d2e77961e64829183d726e3ceb51d27e07f8da186d58bc72dbe3c629dc5022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235559-2c70c"
age: 158
traceparent: 00-9a5ee64c42c136feb2cb66d2234e21dd-4f339bc9cfa2c0fa-01
expires: Mon, 26 May 2025 14:31:27 GMT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
last-modified: Thu, 31 Oct 2024 10:00:57 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=600
x-id: sy4-hw-edge-gc12
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-cached-since: 2025-05-26T20:48:14+00:00
server: nginx

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0A3A 221 KB
68 KB 103ms
102ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 81102085050987160
age: 2106
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:15:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 20:15:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A3A 0
26 B 259ms
258ms Image
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EFFC 0
0 258ms
257ms Fetch
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui9dZ3rLrPqqKSjQFMceIcbv0LYqoJU8ndYaB6X98XeJ5YvzoGE0HmECZwSUVrJq19c6bfVC2dKoSSfkS27I6ddmFS75GsjYhzMpZHZUYIgCA1RwUqgZBoriqWOdD2SisEt4mFfV3vwZm_XG-Pj0bzgu4fGepj8Gwe4ehi-R6rCRpgTqD9eCqDqiDR6ALePNaY-0644t4YtSbMCLWLC2YpeyL7CScHyx2RZ_Jn22jnxEbN6Ey4FIGKk2k-hBDWd6UIF9umu4hEVJBPpovWBgDtT-WX9AN_jfb2r9iNJXXaHl3fGrjfI0rKifWa0zoc_eRfbEzK2Dh0YxvOsJNhyb4jcxz5tnJ-L3zxJWZYqAsXT730JRixYyZokmtjvcnJcbFAiJ4RA5QdkV23bqn30N9hF-xv9nhceZzMQXZDtnqeleTvoMIiEIzxm6RTZwFNsodf5A&sai=AMfl-YTZWGMBzezGCZZRMt74srtXqdNUTIB0zaHAb33GvslzgMoBTsmOzaCIBsPkaz42J99mAeiJOsB7bD41iRaDPRiiz9KLmu_d-JatxHPO5r4UKh8RZqr2DeviJqU&sig=Cg0ArKJSzMpeoph8B-HzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/ Frame EFFC 21 KB
9 KB 575ms
142ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 18118
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 15:48:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 15:48:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame EFFC 3 KB
2 KB 535ms
142ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 49739
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 07:01:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 07:01:53 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EFFC 221 KB
0 79ms
79ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 81102085050987160
age: 2106
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:15:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 20:15:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 9263373077384741594
tpc.googlesyndication.com/simgad/ Frame EFFC 8 KB
8 KB 553ms
154ms Image
image/jpeg 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9263373077384741594

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

c3cfcb9c36740ffabea8d5e6d4deb3c040834b0b4f4a48d5d91bde7e792039cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

age: 126101
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 09:49:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sun, 25 May 2025 09:49:11 GMT
last-modified: Thu, 15 May 2025 15:11:16 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 8130
x-xss-protection: 0
server: sffe

GET l
www.google.com/ads/measurement/ Frame EFFC 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 808 B
396 B 269ms
266ms Fetch
text/plain 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3433475745281946&correlator=1605359713907750&hxva=1&scor=604574193&eid=31090591%2C31092255%2C95353385%2C83321073&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199029867%2CEV_728_90_leaderboads&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&didk=1099070016&dids=gpt_unit_%2F23199029867%2FEV_728_9&sfv=1-0-45&ists=1&fas=8&fsapi=1&sc=1&cookie=ID%3D551776b411a622e5%3AT%3D1748292651%3ART%3D1748292651%3AS%3DALNI_MaiJpQRfJzQb1iB5xmbsUTAhNhblg&gpic=UID%3D000010cc1dd86174%3AT%3D1748292651%3ART%3D1748292651%3AS%3DALNI_MaX-HYvlFuP72X6bRObKQFuwuslvg&abxe=1&dt=1748292652187&lmt=1748292652&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsm4QLNFsXWMIamEmOy3EX1EpIRkEqjeLz95Eclg2UqyZQOnzb6B2j0f68uPqYHrpfXvS4391hxxofal9ThUVw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskAB6-fYiruOsLJ5gjOA4s_qSadwjeQ4phQPiriGg5Gq4bk2wMAvQq0ImBXG9yUz6pbDH90WSk7zrVi0_T0uQ&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748292646262&idt=4540&adks=2216976390&frm=20&is_cau=1&no_cau_info=1&eo_id_str=ID%3D85fbb3a11516b149%3AT%3D1748292651%3ART%3D1748292651%3AS%3DAA-AfjbKPW3XYmYZpYGplyJDucnV&td=1&egid=19912&tan=63bc2c9a-2d77-4900-b778-1742a7f10495&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

36de11b4a09f8cf28a1af52db476c473b93176cbb19db0f4da95821bffb86398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 20:50:52 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 367
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame EFFC 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5178c82ad3d32ceafb6ea5297ad34833da1f8f34fa8bd97cde1c29255bfc569

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7D7 0
0 253ms
252ms Fetch
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZtj0PYnt7mAMaSFlXbQRiIqEf7AKDe2bsrskK9eMhTnlRzzY5A2qv0r7ezJHm1EBZxXDNsfSzGXDDP0kDzIUIQGAk4Q9dxuPTj6FPgf6DrIWBVqRvtEanz9PhEm0G1mMviEVEgm73UYDubU-Qp9FTZ95dIfM8hznvAttEnxQd40mMIAdUxv12qCLYZvNOsUiGWedR0Yi5aprLgWLwyZ4pTyx3TQUG1_H-fJeQPgmtP9a33BkQUY2xklO2y7wcklaWN58Al7-DS0pZ19HRiU3YZlcp6-L6piJungYLoRIev26y0MxIVFt5H4g0hs5BUioGZnH4Bobwkffj_eiOxISZk1R8QPmETCnChb3zXTa-Ci5K11iVRonh6b-fk99PDxJG3CKZT_qfVED_6ZsjpqnRlHxBuQ8&sai=AMfl-YT6FHTCUknD4Z-vbHekGMSvFfmtU0hz7AKeukbxPL_ouqz9SY_vjhs9Y8-kSZMxZdda3r-W5evTMB21QeX9MW3p_jRBvRQRGZk7iV4WOyIQFlt-C05n456q7BNN&sig=Cg0ArKJSzBRAI9YErymlEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 9263373077384741594
tpc.googlesyndication.com/simgad/ Frame E7D7 8 KB
0 489ms
489ms Image
image/jpeg 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9263373077384741594

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

c3cfcb9c36740ffabea8d5e6d4deb3c040834b0b4f4a48d5d91bde7e792039cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

age: 126101
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 09:49:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sun, 25 May 2025 09:49:11 GMT
last-modified: Thu, 15 May 2025 15:11:16 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 8130
x-xss-protection: 0
server: sffe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/ Frame E7D7 21 KB
0 473ms
473ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 18118
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 15:48:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 15:48:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame E7D7 3 KB
0 451ms
451ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 49739
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 07:01:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 07:01:53 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E7D7 221 KB
0 2ms
2ms Script
text/javascript 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 81102085050987160
age: 2106
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:15:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 20:15:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET l
www.google.com/ads/measurement/ Frame E7D7 0
0

GET
H2 200 ca-pub-7701068765942733 Show response
fundingchoicesmessages.google.com/i/ 201 KB
65 KB 647ms
282ms Script
application/javascript 172.217.167.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7701068765942733?href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

a18d411b65c2e37489f0da4b898e68ce245f459b17b78703bbebfc3f0474f92d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kcJ3tWT5sXtVMBrJyxu4CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BiOHnrNtNFIG69eY51OhAbKlxidQbi--susT4H4g_1l1l_AHGRxBXWFiD-VHWDVaT6BmsS-03WEiAOdbzJGgvCaTdZU4F418ZbrIeBuEn7NmsXEJv53Wa1A2IhHo41Ky4fZBNouHrtALOSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRqYGpkYGegUF8gQEA_OxE6w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kcJ3tWT5sXtVMBrJyxu4CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ Frame E7D7 215 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9ab778b146c9df25c1cf038981a887c6ecf97f26b548606581c69af2468551b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 1386ms
632ms XHR
text/plain 141.226.224.32
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://cds.taboola.com/?uid=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: *
cache-control: no-store
date: Mon, 26 May 2025 20:50:53 GMT
server: nginx

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
652 B 439ms
182ms XHR
application/json 52.220.85.210
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.85.210 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-85-210.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: cceb28237867d40445d039bb9d45e386d74976840736203f7d75e2ad5233929b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://eastleighvoice.co.ke
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Mon, 26 May 2025 20:50:52 GMT
content-type: application/json;charset=utf-8

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
740 B 63ms
63ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age: 27602
x-cache: HIT
date: Mon, 26 May 2025 20:50:52 GMT
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
x-served-by: cache-per12627-PER
x-cache-hits: 200
content-type: image/png
x-amz-id-2: J3njHZzOx/WDeMq6Teigmau/WG6IOn5crMFEdg0ZcFbuOLgIOFYOWvWGEedVnVCStQl+DoVf54U=
x-amz-replication-status: COMPLETED
cache-control: private,max-age=31536000
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1748292653.563270,VS0,VE0
via: 1.1 varnish
x-amz-request-id: WKP17E3N8FADZAQ4
accept-ranges: bytes
access-control-allow-origin: *
abp: 97
content-length: 254
server: AmazonS3

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EFFC 0
0 201ms
200ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EFFC 0
0 193ms
193ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A3A 0
0 336ms
196ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A3A 0
0 353ms
201ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D7 0
0 461ms
204ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D7 0
0 473ms
193ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 0A3A 219 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59a4a5a1b30d5f108456b4419eead16cfd847217f11705829062f37982c97baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 204 bulk
trc.taboola.com/eastleighvoice/log/3/ 0
615 B 197ms
184ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://trc.taboola.com/eastleighvoice/log/3/bulk?route=SG%3ASG%3AV&lti=trecs-2209-sccarousel-nebula-adjustments_ctrl&tvi48=-48&tvi50=11108&cv=20250522-24-RELEASE&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 26 May 2025 20:50:53 GMT
content-type: image/gif
x-served-by: cache-per12627-PER
x-cache-hits: 0
cache-control: no-cache
x-fastly-to-nlb-rtt: 79933
pragma: no-cache
x-timer: S1748292653.911662,VS0,VE88
x-vcl-time-ms: 88
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-service-version: v1
server: nginx

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 200ms
199ms Fetch
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eastleighvoice.co.ke/

Response headers

GET
H3 200 _D-NAgmmH2z.css
static.xx.fbcdn.net/rsrc.php/v5/yH/l/0,cross/ Frame 1756 658 B
560 B 228ms
103ms Stylesheet
text/css 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v5/yH/l/0,cross/_D-NAgmmH2z.css

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c49e7b6b2e8aa29%26domain%3Deastleighvoice.co.ke%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feastleighvoice.co.ke%252Ff9e619f3e21e8bc62%26relation%3Dparent.parent&container_width=681&height=100&href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&locale=en_US&numposts=5&sdk=joey&version=v15.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

e915835a54bc9c9bb86f2372ca9e010e168edb10fabc6922e5339eacc233a677

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: hPV/Hg+jLXAOzm+mf3m6cA==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 13 May 2026 19:03:48 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: MzGyrf+/U2E7C9UwDVVxw1EsxtfwEj4Q5CVQ7KzbmtQl6pKESfHOkpDc6OP3f+4K8sqR1Dtn7Ubekxy0Yi4c8g==
priority: u=0
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=5436, tp=19, tpl=0, uplat=4, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 414
origin-agent-cluster: ?1

GET
H3 200 yIH4ie_SIKO.css
static.xx.fbcdn.net/rsrc.php/v5/y7/l/0,cross/ Frame 1756 193 KB
42 KB 223ms
98ms Stylesheet
text/css 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v5/y7/l/0,cross/yIH4ie_SIKO.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

d6e4198d8e435c95395abb7aa994483357b22bad1f60a91e31e3de92e0d9b8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: 3INk77KUaS9kIWFmB48t+w==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 14 May 2026 19:23:34 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: VPUvYPxGLnm6sX1zK1IFPQ9H8Z2J7ImGxfGmIbUhR7kL3LmCwDf+4jL4RXv2CloXwSye9kKvaGNSYctgX9PDAg==
priority: u=0
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=5436, tp=19, tpl=0, uplat=3, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 42605
origin-agent-cluster: ?1

GET
H3 200 QyvgpkNibp8.js Show response
static.xx.fbcdn.net/rsrc.php/v4/yz/r/ Frame 1756 342 KB
90 KB 342ms
217ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/yz/r/QyvgpkNibp8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a47c063164c2325d45de71f6ae2f8fc296c798f0c65325d2132d7a869c435e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: /dUrwxfvCzrnZ2kqKEfT0Q==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 21 May 2026 12:48:32 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: OAtTSGAkwF058Pa35AnFsOb7QsE3cUAKk9f8JjQYFzIQ+jyOTXaO5fjX7ztrShtRnOcPNWESqZP6jOs5NsgnQA==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=13516, tp=26, tpl=0, uplat=5, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 92242
origin-agent-cluster: ?1

GET
H3 200 pyeUwSkDpif.js Show response
static.xx.fbcdn.net/rsrc.php/v4i7M54/yU/l/en_US/ Frame 1756 165 KB
47 KB 632ms
507ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4i7M54/yU/l/en_US/pyeUwSkDpif.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

e80b856a086cbdc9585ff3dbd633cc875d4af4a58d559cbe3d3531de5751fc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: 8LNGyqH5awqvsQO+tnMCdA==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 19:26:26 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: DxcQ7IDxouDX549Ae0qpCkjabTOVnRAxk11XHpfrifHLE3DGWlrrUpj3T6JEDWefed8atZLSeziDiyNBPK8QSA==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=34460, tp=43, tpl=0, uplat=7, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 47600
origin-agent-cluster: ?1

GET
H3 200 hjIW8E88ajE.js Show response
static.xx.fbcdn.net/rsrc.php/v4/y8/r/ Frame 1756 398 B
419 B 229ms
104ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/y8/r/hjIW8E88ajE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

26204f2d748197a88f8b839f1a741a1b585e64a44cc6e1d907796594dde35d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: HSMl5SRE9Ye1FR/LvUXWaA==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 15:56:48 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: nUSFJ+jamgi0VKeswZgC+VyAiC2oVwN89/TOiPB76jgzDsKJQYDMAoI3/Ni0XSA480axeBceU5jSEvyuTA65Pg==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=5436, tp=19, tpl=0, uplat=3, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 279
origin-agent-cluster: ?1

GET
H3 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v4/yF/r/ Frame 1756 507 B
471 B 460ms
335ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/yF/r/p55HfXW__mM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: ZbiqNe9H0U/d/BirPdKqpw==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 13 May 2026 19:09:17 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: 9HFvvTCIwwBl8KoOAguhd4t43u704PzU9slJsYZveSIzsVShGt7hUPsUkFq691WEmTy6tWCn1S86KTmZMTwLtA==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=13516, tp=26, tpl=0, uplat=5, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 331
origin-agent-cluster: ?1

GET
H3 200 29LhhVSoo8c.js Show response
static.xx.fbcdn.net/rsrc.php/v4impH4/yg/l/en_US/ Frame 1756 533 KB
132 KB 460ms
335ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4impH4/yg/l/en_US/29LhhVSoo8c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

5325d6492fc15533cb027a27f72a358876bbb155fb21ee5199de1d0e46d7d0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: kvqJwzXiFfSfrPa99bS/oA==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 20:40:31 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: zj9xwSKEj1qAJA4hD4WCRiTmU4uDz3f9mLaB51a77ZreZaLBU1SJWtPCnNeN+aKDr8WwcswY7rv8KIDuZaXZCQ==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=34460, tp=43, tpl=0, uplat=5, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 134843
origin-agent-cluster: ?1

GET
H3 200 zzAKdsXR3I6.js Show response
static.xx.fbcdn.net/rsrc.php/v4iied4/yc/l/en_US/ Frame 1756 862 KB
185 KB 551ms
427ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4iied4/yc/l/en_US/zzAKdsXR3I6.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

c031889066cbf89f3e46896026c575beb96d9021c76d639e4cfab10e69711ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: cctVCesEmhlZPzV1ie2slg==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 19:26:26 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: tEOW+RZpFL10KncrJDucxqwKjXRiPUO9z/dsk/ZmSh6/2VQVVXpDY+labxNbfqmveZ9Kcd8fB9pDQfZ+Yog9Mw==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=34460, tp=43, tpl=0, uplat=10, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 189531
origin-agent-cluster: ?1

GET
H3 200 tSAICtfyqAP.js Show response
static.xx.fbcdn.net/rsrc.php/v4/yu/r/ Frame 1756 32 KB
10 KB 643ms
519ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/yu/r/tSAICtfyqAP.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

9937b9d3aef84b55c869f13038c3e3999bf74f3cde3fdb5f50663ca22d69b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: gP2PudJOTATR0fzJlVHLAw==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 16 May 2026 21:01:36 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: xlo5nJaJS9XcrGjWeONWmakC24fwXeKosK/BhxHqKWfE3DJChk9UL+3hvJi9WnM1haWvR99Qjng7E3awd4kcqw==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=34460, tp=43, tpl=0, uplat=4, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 10277
origin-agent-cluster: ?1

GET
H3 200 tyfRax5Ez4L.js Show response
static.xx.fbcdn.net/rsrc.php/v4/yi/r/ Frame 1756 58 KB
16 KB 644ms
520ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/yi/r/tyfRax5Ez4L.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

de2674d6873d10657cc86145bbeaef6574b1cc96beab1b8c53acd97b5cdd60f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: tWzCEGkKsThCKhoJo1VWog==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 15 May 2026 16:08:59 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: JjRHHQorIH/FCD5cI7oyTpvYtCEmJ3Y6Yv7/JOZHU4IiIpOhq0Upjk4Jw48Z4wd+W85EWbtj3Ia7joqT+8zFJQ==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=34460, tp=43, tpl=0, uplat=4, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 16281
origin-agent-cluster: ?1

GET
H3 200 rVMSsd5BaNR.js Show response
static.xx.fbcdn.net/rsrc.php/v4iPwL4/y0/l/en_US/ Frame 1756 48 KB
14 KB 645ms
521ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4iPwL4/y0/l/en_US/rVMSsd5BaNR.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

09f12390f8f4fdc9fa63c88574748e0d498d814b7da42a03b191821e43beb2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: 0K4XjAOnEMuU96xGXXqkFg==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 00:04:46 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: NixTPSo6WuN1nwH3br5MCeLZB4Sp0wBGFlQImokV6kSMEj6HqfDVDlU8pxru6EZYLzEFtvD+DkBOAdQy08+D3A==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=34460, tp=43, tpl=0, uplat=3, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 14667
origin-agent-cluster: ?1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EFFC 0
0 202ms
201ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A3A 0
0 375ms
192ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 45A6 16 KB
6 KB 414ms
182ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

43fe7cc6db1c3739aeb83e2496de0dd49feaf3aeee148bbb99f2aabd682f9347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 20:50:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 605974
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3363b12bb54df1197afae930727f2ae82b4fe80e75f4d78bdf7c7eaf8566fd9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-request-id: ffc8bf20f495b9d2266833c2535dabcb
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr4m2fcXMAA9UsP-1.jpg
etag: "328c235502d1fa31af09ce71c3a7b7c1"
surrogate-reporting: width=623,height=520,bytes=87703,format="jpg",owidth=800,oheight=520,obytes=184470,oformat="jpg",crt=1748286329,ocrt=1748284920,ef=(1,13,17,23,30)
cache-tag: 392003043910711536769980360051125470294,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
age: 6322
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, MISS
date: Mon, 26 May 2025 20:50:52 GMT
content-type: image/webp
last-modified: Mon, 26 May 2025 18:42:01 GMT
x-served-by: cache-iad-kjyo7100144-IAD, cache-iad-kjyo7100144-IAD, cache-bur-kbur8200064-BUR, cache-iad-kiad7000133-IAD, cache-per12627-PER
x-cache-hits: 0, 2, 0, 0, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 392003043910711536769980360051125470294,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 517
x-timer: S1748292651.472826,VS0,VE871
x-orig-request-id: 449a7dd734f0e5c05e4a02262e01d72c
x-ratelimit-reset: 1
x-vcl-time-ms: 871
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://eastleighvoice.co.ke/
content-length: 74712
x-ratelimit-limit: 101
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D7 0
0 525ms
190ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EFFC 0
0 266ms
265ms Fetch
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnleDeimUBZXZQGzkmmet1g-DPblrf2pwgjfmxn40OMDkBvHgobnfWCgoLq_D07xqjD8-AZxY6TsI3TFlCowjQSbwZ-Xf7psCjWcHMVrSkTrMCMqedjszXHUYrWIMhSn2dADpxD5-f8n9L093xVnRqXkU2QW_L7ZFCdAvKCV06_v1P7pnOxSY24jvSvsZewwoyR9Or7QAI1dC-qui7iSuXHSm64w8Rt7S1GP1O_qBrjmVYbrI3xtC42Y-iftxeczbcUBOkh7NP8VXNCoc_1ijhJnGWKhV2cOcVphMjuG47KWhBWjeJBh1xitz-HXiCuKWBS-es0gDP5iwmrCgreoFjqL0_uX9RoxNMrGRH09BQSXOgo1RsMtjEvWQ1Tweb5-2YAtVcoFJqKHk4rSf-b3OvSJhGTNcFT_-p6kcDInSXLuzLCE-6jz6MqiCmACMS43Gu6zEk&sai=AMfl-YQpbzN1wrBDLMaw73B0PMWIQM8bfyxh1EEGqWtWTtMpscoc1cmJnaEq7-F46dWkYwdkGO2ES7ecYbUZDCrlb8y9Goe91zKxO4O02QMFCMnYn3fr90Rj2pODD4c&sig=Cg0ArKJSzDXbcdYfHUDUEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7D7 0
0 261ms
261ms Fetch
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA797ePIE5CN6QKI6n-FtowDFedSXZNZmOEm09X8Kk8VQy9DKL83RSw09UGFSLR5o5EZSKoT8Q-MfIlbZ2KKgTMnJW1gwqZIAi6TDXP474PRFRfEzsPXKQ_ifTN2sse32dmXg5tFYBO3JkZG9VDFgdajfuC7ao5h43_BnrR9O6IqZUgzLJynSmVQV6LY2hxNfURrqVGsrmpbjMaO7YpcOlWTg3SmoN1r-qAnFHyOLEBt2ojuchv-kd0eAq6US46vLwKAGWf9PYEuYSh-HDSbywje1Z1R088bKlBYZt8tAX1Of1eEdGtAv2cprNbZv7P-AL7jU30mTl9kk5cvU53R-CtvWCoahaUIbXYIl-vWCe17ylN-P9DB658C5kapAfw0MaMOqjHLs1iGWk4tp2TgBqplVs6Rt4Vg&sai=AMfl-YTBfhhU7AupGiJ5mxdCnEDurtHpOfyFQHtHUrjVQmLGkO9Wwfgx8J3P1X6NEV4CoG_UBXNEEJOTAyWiF4XI-uuB3_ToPFVazpaiLQPAE041gKvWfs2YclpAQUAo&sig=Cg0ArKJSzCq1ViIQuBZsEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 c.html Show response
scripts.yehtu.com/scripts3/79835/ Frame B5FB 738 B
692 B 384ms
178ms Document
text/html 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 26818
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 26 May 2025 20:50:53 GMT
etag: W/"6723556f-2e2"
expires: Wed, 27 May 2026 13:23:55 GMT
last-modified: Thu, 31 Oct 2024 10:01:19 GMT
server: nginx
traceparent: 00-2d60592738d4cc4dc0fef3f798921413-900aa33117badff7-01
vary: Accept-Encoding
x-cached-since: 2025-05-26T13:23:55+00:00
x-id: sy4-hw-edge-gc11
x-id-fe: sy4-hw-edge-gc12
x-shard: sy4-shard0-default

GET
H2 200 loader2.js Show response
scripts.yehtu.com/scripts3/ 178 KB
0 1ms
0ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/loader2.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 23d2e77961e64829183d726e3ceb51d27e07f8da186d58bc72dbe3c629dc5022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235559-2c70c"
age: 158
traceparent: 00-9a5ee64c42c136feb2cb66d2234e21dd-4f339bc9cfa2c0fa-01
expires: Mon, 26 May 2025 14:31:27 GMT
date: Mon, 26 May 2025 20:50:52 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
last-modified: Thu, 31 Oct 2024 10:00:57 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=600
x-id: sy4-hw-edge-gc12
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-cached-since: 2025-05-26T20:48:14+00:00
server: nginx

GET
H2 200 c.html Show response
scripts.yehtu.com/scripts3/79835/ Frame 533B 738 B
0 291ms
291ms Document
text/html 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 26818
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 26 May 2025 20:50:53 GMT
etag: W/"6723556f-2e2"
expires: Wed, 27 May 2026 13:23:55 GMT
last-modified: Thu, 31 Oct 2024 10:01:19 GMT
server: nginx
traceparent: 00-2d60592738d4cc4dc0fef3f798921413-900aa33117badff7-01
vary: Accept-Encoding
x-cached-since: 2025-05-26T13:23:55+00:00
x-id: sy4-hw-edge-gc11
x-id-fe: sy4-hw-edge-gc12
x-shard: sy4-shard0-default

GET
H2 200 ad1e53d6ca54518d4679.b.js Show response
scripts.yehtu.com/scripts3/79835/ 47 KB
17 KB 108ms
107ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/ad1e53d6ca54518d4679.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d2cc16b87d3f592e8775a33b10cdcf583b507ccc15fc697f50ec97c74c38ed3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723556e-ba34"
age: 7891569
traceparent: 00-906a351a968ea08b146168409a718634-e011b05397382d42-01
expires: Wed, 25 Feb 2026 12:44:43 GMT
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:18 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc11
access-control-allow-origin: *
x-cached-since: 2025-02-24T12:44:44+00:00
server: nginx

GET
H2 200 25264767d517534e5c42.b.js Show response
scripts.yehtu.com/scripts3/79835/ 79 KB
21 KB 156ms
155ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/25264767d517534e5c42.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b77e839aee33d67ff170eff4e9b2f24dd7346c312d0e982e90f1a5c70911f4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235562-13c34"
age: 45597
traceparent: 00-a21fecd540b7eefad4b599ba31c8480e-98a45e8862373ae6-01
expires: Wed, 27 May 2026 08:10:56 GMT
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:06 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc11
access-control-allow-origin: *
x-cached-since: 2025-05-26T08:10:56+00:00
server: nginx

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame A52E 615 B
1002 B 518ms
250ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 91809e6416cb7fc02c82a7365a7646d9ccef59f50ef3fb8499dbcf4d20897ba7

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 615
content-type: text/html
date: Mon, 26 May 2025 20:50:52 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 103.108.231.244

POST
H3 204 AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 427ms
224ms XHR
text/html 172.217.167.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cOUcN0TWEtjrteuikEhkCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBi-FB_mfUHEJv53Wa1A2IhHo61Ky4fZBOYMbn3GJOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjUwNTLSMzCPLzAAAH5ZJyA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cOUcN0TWEtjrteuikEhkCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXGOL_vdZYG3O4wm2Un7jQLPFBozGFF20IRM4wFAl5tqh0g7VlgMZv7oCbUMPGqbppyWgWydGQ6UJ8xbhcX_PkjeZhqEQXtMHp5drbg-Z-hsDA0rzosjH-lANEAeWA4qhH6FnvcwA== Show response
fundingchoicesmessages.google.com/f/ 9 KB
0 235ms
235ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXGOL_vdZYG3O4wm2Un7jQLPFBozGFF20IRM4wFAl5tqh0g7VlgMZv7oCbUMPGqbppyWgWydGQ6UJ8xbhcX_PkjeZhqEQXtMHp5drbg-Z-hsDA0rzosjH-lANEAeWA4qhH6FnvcwA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjkyNjUzLDQ1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lYXN0bGVpZ2h2b2ljZS5jby5rZS9uYXRpb25hbC8xNTU0NzkvcnV0by11bnZlaWxzLXNoOTUwLW1pbGxpb24tY29tcGVuc2F0aW9uLWZvci1odW1hbi13aWxkbGlmZS1jb25mbGljdC12aWN0aW1zIixudWxsLFtbOCwib2FLN2FGb19mLVUiXSxbOSwiZW4tR0IiXSxbMjMsIjE3NDgyOTI2NTEiXSxbMTksIjIiXSxbMjQsIm5ld3MuZ29vZ2xlLmNvbSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

122cdbb74af7b21db1b0af1b1d0322e05f7facf2bf251e37a61ad4d0c4d62193

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BNja8aMTUAA6kbh81-fg7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjNxlusW4G4Sfs2axcQm_ndZrUDYiEejrUrLh9kEzjxvmMSk5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgamRgZ6BQXyBAQDHkz-f"
content-security-policy: script-src 'report-sample' 'nonce-BNja8aMTUAA6kbh81-fg7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 45A6 483 B
947 B 96ms
96ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=eastleighvoice.co.ke&sn=ChromeSyncframe&so=0&topUrl=eastleighvoice.co.ke&topicsavail=1&fledgeavail=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

3e0a7e758b7310d67b0bbdebab18cd5b2fa5ff9abd61be6ea5b23b9db360cf9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
server-processing-duration-in-ticks: 939549
expires: 0
date: Mon, 26 May 2025 20:50:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A3A 0
0 253ms
253ms Fetch
image/gif 142.250.72.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4TwE_hwwQwbOWf1hc4FhdyiWWE9l4icBq04hGOAC7pcSouv6wcpRPpKkeY08vKM297lyMgQCVB-nimzluLMBjfnt0fn954jIpImVPne1QvFlC6PXV_FreugLSpx2EqPYn29CBPEHOOdFITzx8LeRc3JhIYny4vuK2TTvtu5I9oyEkdlCos5GwMQq9RYsO315e2rcoMSkAIUzIFxt6zzOk5Li6W1u4IKa8aIukhZAj6flTZ0WMMEbsX4UiNGljGpZyoAlm2ca-t06ePmyhUvUpLiCphoQ0sXJaHvQqWlvkXka1jQv3fUpGpA0VHE6uMiQ0mUmU6ZqmrAdvd-C70nsiM0HFa1ejFFKZj1gn0HkAivSoSnqDIDYOjMOtj_NTh1naZ3DCNj9XTC0GKp2uNtft198NvRLUncF9pdsPTEIecDwv3ay_sRVsrb4vcejAwg&sai=AMfl-YTlGlq1KmabWM_UAuQzhh2U9IONFhPFS8XZ0nHQwulI0-9xzAJYCJC6t79gqKqB9wHVnzm8lLPTsKATaifAqzxbibnZGZQPTzd_oYcW87DyESRvX_BmYYxkwdM&sig=Cg0ArKJSzD9zt16kzqNvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 26 May 2025 20:50:54 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 26 May 2025 20:50:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A52E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFTGjZUJSZkbJtKakB-TJyY&google_cver=1

43 B
97 B

183ms
172ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFTGjZUJSZkbJtKakB-TJyY&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.231.244
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 May 2025 20:50:54 GMT
content-type: image/gif
vary: Accept

Redirect headers

cache-control: no-cache, must-revalidate
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFTGjZUJSZkbJtKakB-TJyY&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 295
date: Mon, 26 May 2025 20:50:54 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame A52E 170 B
243 B 1060ms
520ms Image
image/png 142.250.188.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjM5YTk1YjktNmQ1Zi0yZWExLWZhZGUtODcwMDU2MWVlZjY5

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.188.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax31s15-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 26 May 2025 20:50:54 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame A52E
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa1_0bZ-jtVyks8AKGevVgQyRM8AAAGXDlzWww

43 B
97 B

202ms
188ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa1_0bZ-jtVyks8AKGevVgQyRM8AAAGXDlzWww
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.231.244
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 May 2025 20:50:54 GMT
content-type: image/gif
vary: Accept

Redirect headers

cache-control: no-cache
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Aa1_0bZ-jtVyks8AKGevVgQyRM8AAAGXDlzWww
pragma: no-cache
via: 1.1 9e854e194e7846c005e5306bd39c7648.cloudfront.net (CloudFront)
expires: -1
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: EnFDuGzBxCfavLbxdT44X4_rS-CAhpoF64QdnvcaqvEdXSmlJa8pVQ==
date: Mon, 26 May 2025 20:50:54 GMT
x-amz-cf-pop: SYD3-P2

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame A52E
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDTULsCo8YUAAFpZuK8AAAAA

43 B
97 B

240ms
240ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDTULsCo8YUAAFpZuK8AAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.231.244
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 May 2025 20:50:54 GMT
content-type: image/gif
vary: Accept

Redirect headers

Cache-Control: private
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDTULsCo8YUAAFpZuK8AAAAA
X-SO-LB-Hostname: m-tgng33.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.108.231.244","key":"aDTULsCo8YUAAFpZuK8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad389"}
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad389
X-SO-HostName: m-ad389.dc4p.scaleout.jp
Connection: keep-alive
X-SO-IP: 103.108.231.244
X-SO-Key: aDTULsCo8YUAAFpZuK8AAAAA
Content-Length: 0
P3P: CP="See also http://www.scaleout.jp/privacy/"
Date: Mon, 26 May 2025 20:50:54 GMT
X-SO-Ads-Time: 3
Server: nginx

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A52E
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec8c0e11-d789-43c3-8963-4631e26db9b9&ttd_puid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0&gdpr_consent=

43 B
240 B

191ms
170ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec8c0e11-d789-43c3-8963-4631e26db9b9&ttd_puid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.231.244
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 May 2025 20:50:54 GMT
content-type: image/gif
vary: Accept

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec8c0e11-d789-43c3-8963-4631e26db9b9&ttd_puid=9ff54673-a428-7005-ef3e-ddb99cfc2109&gdpr=0&gdpr_consent=
content-length: 335
date: Mon, 26 May 2025 20:50:54 GMT
server: Kestrel

GET
H2 200 dsp.aspx Show response
ads.yehtu.com/ 2 KB
1 KB 2272ms
520ms Script
application/javascript 116.202.167.156
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://ads.yehtu.com/dsp.aspx?sender=yehtu&rct=4&v=2.0&rnd=4688679741587286&cpv=d367cd33-660c-8b9a-5cd5-6fd3cd19c3ef&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=6e307515-63e5-461e-a43f-96ca8c752fa5&cntoid=&data=%7B%22id%22%3A%22aab2d76d-e252-aa0f-6c8e-8c48fac0a6e8%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Feastleighvoice.co.ke%252Fnational%252F155479%252Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims%22%2C%22ref%22%3A%22https%253A%252F%252Fnews.google.com%252F%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225487c985-8a17-b848-e97b-286f32ef58a3%22%2C%22tagid%22%3A%2259d172eb-ba54-4b3b-9d73-f06bf722ad1b%22%2C%22ext%22%3A%7B%22ph%22%3A%22yehtu_async_1951191556%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22yehtu%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&3rdEnabled=true&3rd=true

Requested by

Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.167.156 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.156.167.202.116.clients.your-server.de

Software

nginx /

Resource Hash

589428b9332ad97f7450c8be805677f80616cd78d9c7b364c226487b90fed3ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

keep-alive: timeout=25
content-encoding: gzip
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 869
p3p: CP="NID DSP ALL COR"
date: Mon, 26 May 2025 20:50:56 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E7D7 42 B
65 B 198ms
197ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC0y2lp-3z5gkm9s75vFZR8hYkKdPlzFm0eXo99JprgmalRoeQT1haK8Hj_v4Yvb5klraEfj3OIWfpzifm08OXhjcEe9_qi8Th-He5aZ74eR7Ej1qEQtdcDm43rZNNv-dyeVQ6K5zXkkKX8Q3e1Sca-BKbrxxjye5nqQ5VUQLijO9DZZs&sig=Cg0ArKJSzLHsDmmuajnxEAE&id=lidar2&mcvt=1122&p=1133,436,1223,1164&tm=1308.0999994277954&tu=186&mtos=556,1104,1122,1122,1122&tos=556,548,18,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2962879711&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4422545200&rst=1748292652251&rpt=694&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFFC 42 B
65 B 199ms
198ms Fetch
image/gif 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJnEm3kfD_2fYOOO8hL68F_RS7CfAmw9MvX613w7Qo9OSdhxhhlWi-MYXyU3FMMoykGVVwgMcLn29a_VZTeUQz6OPDQwBf-HWGeegoxzdsn-UCbI70MtXtm7EEuwIsGRfT7Y22XmLXQCTMPlTWWzN_TaDJr2jKYsxex7M4hgnHsEIqpPI&sig=Cg0ArKJSzErdapFG_nQsEAE&id=lidar2&mcvt=1149&p=70,436,160,1164&tm=1479.5&tu=330.4000005722046&mtos=1149,1149,1149,1149,1149&tos=1149,0,0,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3025464984&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4422545200&rst=1748292652154&rpt=779&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 20:50:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 JZUNEvdo8io.png
static.xx.fbcdn.net/rsrc.php/v4/y3/r/ Frame 1756 57 KB
57 KB 101ms
95ms Image
image/png 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/y3/r/JZUNEvdo8io.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v5/y7/l/0,cross/yIH4ie_SIKO.css

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://static.xx.fbcdn.net/rsrc.php/v5/y7/l/0,cross/yIH4ie_SIKO.css

Response headers

content-md5: 8KvuQoZujxOjzxw3/WYnxQ==
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 13 May 2026 19:13:53 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:54 GMT
content-type: image/png
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: 3Ao9f7F3NRU1FNG8azuis/xftyblQ/iuQhIEdWs4Bg/dnhPKST/zdFWbZhJ4dWuvkbpF+A4gx90/ChpjL30hkQ==
priority: u=3,i
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=2330, tp=5, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 58367
origin-agent-cluster: ?1

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 1756 1 KB
1 KB 174ms
174ms Image
image/jpeg 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.facebook.com/

Response headers

content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 14 May 2026 19:22:21 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:54 GMT
content-type: image/jpeg
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: axp7YqaMbA4ol8ovTK/CZM9DalYrF+rjyreNRCx7FdIJQfG/L8Fi5nMm8CziICVAYu+zsha4j5iAH6hNE9OpZA==
priority: u=3,i
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=25914, tp=25, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1131
origin-agent-cluster: ?1

GET
H3 200 mh6zKB8Afck.js Show response
static.xx.fbcdn.net/rsrc.php/v4/yg/r/ Frame 1756 1 KB
761 B 100ms
100ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/yg/r/mh6zKB8Afck.js

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v4/yz/r/QyvgpkNibp8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

d23a1ca7986eb2495a15421cd5070d51f3321817b44107acb3342569c312d0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.facebook.com
Referer: https://www.facebook.com/

Response headers

content-md5: fK/h5vXrH/VmewJqk67Gdw==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 17:18:26 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 20:50:54 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: CRSrrlu7kSSLnz0GI94DFhXZFxPMi4XPtvsITLC6AccVkbrFa6UB1BF8orJzt0ReYutHiBOlOXcKOKP1L3fEsQ==
priority: u=1
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=95, rtx=0, c=476, mss=1232, tbw=569740, tp=482, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 622
origin-agent-cluster: ?1

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/ 63 KB
0 238ms
238ms Other
text/plain

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 10260624382802495031
age: 61148
x-content-type-options: nosniff
expires: Mon, 02 Jun 2025 03:51:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 26 May 2025 03:51:46 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23619
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505220101"

GET
H3 200 proxy--ad-300x600- Show response
fundingchoicesmessages.google.com/f/AGSKWxUB3on01kEQ4zvA8YlwBON6fr7nOFpt3hQfLoaArk0MZ-n6XDRWl60RvGh9TItb1-8-DrLHnaX02vldtp5Zw7kCxabW_ZJmUpcKLZwmqDnJ-0crcCZREHO2r_39QiOHKVxpBt6vQiYpvocFBg0EAM9g5p5Dw... 54 B
0 206ms
206ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUB3on01kEQ4zvA8YlwBON6fr7nOFpt3hQfLoaArk0MZ-n6XDRWl60RvGh9TItb1-8-DrLHnaX02vldtp5Zw7kCxabW_ZJmUpcKLZwmqDnJ-0crcCZREHO2r_39QiOHKVxpBt6vQiYpvocFBg0EAM9g5p5Dwf648mvlZwzigb_eW5ApWvhBlIXgG45g/_/blogads-/big-ad-switch-/ads~adsize~/ads/proxy--ad-300x600-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=ad_blocking_detection_executable

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

d300ec3dd9e47baf4ff831fec237d1fd572ef47e554202a70a3b57c13699dc67

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cmIXP4t2ZBBfw5_uk2NjcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1JBiOHnrNtNFIG69eY51OhAbKlxidQbi--susT4H4g_1l1l_AHGRxBXWFiD-VHWDVaT6BmsS-03WEiAOdbzJGgvCaTdZU4F4zcZbrFuBuEn7NmsXEJv53Wa1A2IhHo51Ky4fZBOY8fX5CmYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjUwNTIwM9A4P4AgMA_xtFBA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cmIXP4t2ZBBfw5_uk2NjcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 68 KB
0 118ms
118ms Script
text/javascript

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=ad_blocking_detection_executable

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

69df9520e73d741f328f7a40e279710499d1e2af1a81de60b2be855802f0745c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 69234120874071566
age: 974
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:34:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 20:34:40 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 25553
x-xss-protection: 0
server: cafe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vG0ptlUL7vVLOizwv5ZZsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15Bi-FB_mfUHEJv53Wa1A2IhHo51Ky4fZBM4cOHGamYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSkZ2AeX2AAAK72J8M"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vG0ptlUL7vVLOizwv5ZZsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GhsjBV9O9tk4kDlZhOXJ1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBi-FB_mfUHEJv53Wa1A2IhHo71Ky4fZBOY8H_DWkYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSkZ2AeX2AAAKHHJ5c"
content-security-policy: script-src 'report-sample' 'nonce-GhsjBV9O9tk4kDlZhOXJ1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-McherMoep5uSvZAS71WnrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBi-FB_mfUHEJv53Wa1A2IhHo71Ky4fZBNYcHTNV0Yll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSkZ2AeX2AAAKf_J68"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-McherMoep5uSvZAS71WnrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fsh4Zv0u2J3F39NoeFKh-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBi-FB_mfUHEJv53Wa1A2IhHo71Ky4fZBOYcfjHXCYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSkZ2AeX2AAAKJGJ5o"
content-security-policy: script-src 'report-sample' 'nonce-fsh4Zv0u2J3F39NoeFKh-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUau28xowMw6Dm6u_RQYz5psyEYB4whaSROGF1cPcOBp0FssPAEdoh1dGU2n1gg2LS3cprbv5Ul4KbyJMeTFN_4d1q7kA65qA0SkTVa0glKZecdWklsR10jEdCQvkZ0u0HSnPJwqw== Show response
fundingchoicesmessages.google.com/f/ 5 KB
0 230ms
230ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUau28xowMw6Dm6u_RQYz5psyEYB4whaSROGF1cPcOBp0FssPAEdoh1dGU2n1gg2LS3cprbv5Ul4KbyJMeTFN_4d1q7kA65qA0SkTVa0glKZecdWklsR10jEdCQvkZ0u0HSnPJwqw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjkyNjU1LDI5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9lYXN0bGVpZ2h2b2ljZS5jby5rZS9uYXRpb25hbC8xNTU0NzkvcnV0by11bnZlaWxzLXNoOTUwLW1pbGxpb24tY29tcGVuc2F0aW9uLWZvci1odW1hbi13aWxkbGlmZS1jb25mbGljdC12aWN0aW1zIixudWxsLFtbOCwib2FLN2FGb19mLVUiXSxbOSwiZW4tR0IiXSxbMjMsIjE3NDgyOTI2NTEiXSxbMTksIjIiXSxbMjQsIm5ld3MuZ29vZ2xlLmNvbSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

5c331ebce9508fa836a01cd627911279a6dd6f1efb383a4e20e065143f6e596b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C7xL7PQYWoBjse0emrmtdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjXxlush4G4Sfs2axcQm_ndZrUDYiFujvUrLh9kEzjwq89DSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyNTA1MhAz8AgvsAAAJYQP30"
content-security-policy: script-src 'report-sample' 'nonce-C7xL7PQYWoBjse0emrmtdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6P8zd0YcYKYOXOU3gfqpEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBi-FB_mfUHEJv53Wa1A2IhHo71Ky4fZBOY8PXTYiYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSkZ2AeX2AAALJsJ84"
content-security-policy: script-src 'report-sample' 'nonce-6P8zd0YcYKYOXOU3gfqpEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUIRuT5zITzBxf8kT_3Vr1DpyrG5gQ_XEneNlewo503O81tKRCwLDVUgamNuB_lH-BC0J0AwfYaXWhgSlzej1t5pA-TuAAM5OIO-GUTZLhe_U576cjxhcBdT0RI8F7-Vbf3yaXrfQ== Show response
fundingchoicesmessages.google.com/f/ 2 KB
0 218ms
218ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIRuT5zITzBxf8kT_3Vr1DpyrG5gQ_XEneNlewo503O81tKRCwLDVUgamNuB_lH-BC0J0AwfYaXWhgSlzej1t5pA-TuAAM5OIO-GUTZLhe_U576cjxhcBdT0RI8F7-Vbf3yaXrfQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjkyNjU1LDI3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZWFzdGxlaWdodm9pY2UuY28ua2UvbmF0aW9uYWwvMTU1NDc5L3J1dG8tdW52ZWlscy1zaDk1MC1taWxsaW9uLWNvbXBlbnNhdGlvbi1mb3ItaHVtYW4td2lsZGxpZmUtY29uZmxpY3QtdmljdGltcyIsbnVsbCxbWzgsIm9hSzdhRm9fZi1VIl0sWzksImVuLUdCIl0sWzIzLCIxNzQ4MjkyNjUxIl0sWzE5LCIyIl0sWzI0LCJuZXdzLmdvb2dsZS5jb20iXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

8f765f46feb4ef0b72b6c41cef05777f2219ca44400843f7a5067b970b26db8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-czPKELXocXwKIJJHZltFoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjNxlusW4G4Sfs2axcQm_ndZrUDYiEejvUrLh9kE1jR830vo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgamRgZ6BQXyBAQDWBz_J"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-czPKELXocXwKIJJHZltFoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVp_NjUvs4R3UiupctHtkiNgy0qdRrMUD8c0uLL-lcxGyEXoHUI6Od5USHg2ntXm6_kB2_D3D4y7_JCzrKvc1-xn2V46sJYiF6YRzlfKYBwSWaIArUbZFWRA9fq8WGZJIORoRuRsg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
0 238ms
238ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVp_NjUvs4R3UiupctHtkiNgy0qdRrMUD8c0uLL-lcxGyEXoHUI6Od5USHg2ntXm6_kB2_D3D4y7_JCzrKvc1-xn2V46sJYiF6YRzlfKYBwSWaIArUbZFWRA9fq8WGZJIORoRuRsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MjkyNjU1LDU1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9lYXN0bGVpZ2h2b2ljZS5jby5rZS9uYXRpb25hbC8xNTU0NzkvcnV0by11bnZlaWxzLXNoOTUwLW1pbGxpb24tY29tcGVuc2F0aW9uLWZvci1odW1hbi13aWxkbGlmZS1jb25mbGljdC12aWN0aW1zIixudWxsLFtbOCwib2FLN2FGb19mLVUiXSxbOSwiZW4tR0IiXSxbMjMsIjE3NDgyOTI2NTEiXSxbMTksIjIiXSxbMjQsIm5ld3MuZ29vZ2xlLmNvbSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

7b9ae8764c65a909e7c7529db59fd7427f243fd849152f9712551d72ac075591

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JJJA05RRPuTrE-O7wlU7JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0JBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjNxlusW4G4Sfs2axcQm_ndZrUDYiEejvUrLh9kE_iw7N8BJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyNTA1MjAz0Dg_gCAwDoAUAz"
content-security-policy: script-src 'report-sample' 'nonce-JJJA05RRPuTrE-O7wlU7JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVP1KbFubUU__t5o1zPX0f6w9sVF_WizTyc5yGWb0Hftt-HGJ4_fvLYyYZyvkrtyBClQHci5g1_w5RXEmSGUfn1bIKQCgaH-pWPVH0thHSPqhRifBQdJzXVkEKlnY_jNlv9pujyuQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 209ms
208ms XHR
text/html 172.217.167.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVP1KbFubUU__t5o1zPX0f6w9sVF_WizTyc5yGWb0Hftt-HGJ4_fvLYyYZyvkrtyBClQHci5g1_w5RXEmSGUfn1bIKQCgaH-pWPVH0thHSPqhRifBQdJzXVkEKlnY_jNlv9pujyuQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g1zghRWrcH6nuE7RQgVAlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:55 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBi-FB_mfUHEJv53Wa1A2IhHo71Ky4fZBN48f3gEWYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSkZ2AeX2AAAMheKBk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g1zghRWrcH6nuE7RQgVAlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1VbAf62qqWCVOFKp_fCA3fAAv9r3uHqIG1Xn8NLGvNbkE6FChVFmbdmwo_eadPXQip8OoamhkHPPE8ZdiXWRCB__2z7Enj0DJpkABJJ411Z7ch4EG138JXspl8nUgzZKF_hxBwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-U6AQBMS2yCHYSvEA5QMxOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:56 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15Bi-FB_mfUHEJv53Wa1A2IhHo4NKy4fZBP48bn_BKOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjUwNTLSMzCPLzAAALmnJ-o"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-U6AQBMS2yCHYSvEA5QMxOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 0d11748832caddd96690.b.js Show response
scripts.yehtu.com/scripts3/79835/ 28 KB
11 KB 170ms
168ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/0d11748832caddd96690.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723555f-702f"
age: 390885
traceparent: 00-089dd18750b6baaa96b4dfe604657917-ef1a3a5e142d8fcb-01
expires: Sat, 23 May 2026 08:16:11 GMT
date: Mon, 26 May 2025 20:50:56 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:03 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc12
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:16:11+00:00
server: nginx

GET
H2 200 658a385fec78f0e1897f.b.js Show response
scripts.yehtu.com/scripts3/79835/ 42 KB
18 KB 171ms
169ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/658a385fec78f0e1897f.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235567-a793"
age: 390885
traceparent: 00-8e1c4fe55cb86e496b858320246192b1-58dac27d4e6a80c6-01
expires: Sat, 23 May 2026 08:16:11 GMT
date: Mon, 26 May 2025 20:50:56 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:11 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc12
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:16:11+00:00
server: nginx

GET
H2 200 8b73097df909af36f72d.b.js Show response
scripts.yehtu.com/scripts3/79835/ 13 KB
5 KB 201ms
199ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/8b73097df909af36f72d.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723556b-326c"
age: 390885
traceparent: 00-b7312f9929fa06d69175507465b0c611-3f894ba69084b15f-01
expires: Sat, 23 May 2026 08:16:11 GMT
date: Mon, 26 May 2025 20:50:56 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:15 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc12
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:16:11+00:00
server: nginx

GET
H2 200 868bf3715e8c82496e94.b.js Show response
scripts.yehtu.com/scripts3/79835/ 11 KB
4 KB 201ms
199ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/868bf3715e8c82496e94.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 27e847108969b0bde29a39b7c686d806dcd8d985ecec56da93d21d905f9d1bc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723556b-2a79"
age: 390885
traceparent: 00-84a6ce9640310be7a18603f44bf265a6-7379740f9f99aaa6-01
expires: Sat, 23 May 2026 08:16:11 GMT
date: Mon, 26 May 2025 20:50:56 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:15 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc12
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:16:11+00:00
server: nginx

GET
H2 200 808b8cd15765dac77d7a.b.js Show response
scripts.yehtu.com/scripts3/79835/ 224 KB
76 KB 162ms
160ms Script
application/javascript 92.223.78.30
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/808b8cd15765dac77d7a.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d84ed37229a5ad3424b737517d9700dcc15f4021baa61b76161a198d69cff347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235569-37e35"
age: 1933587
traceparent: 00-31bece4c0ce697056e47760dc340067f-537d25cd57e744a9-01
expires: Tue, 05 May 2026 11:44:28 GMT
date: Mon, 26 May 2025 20:50:56 GMT
content-type: application/javascript
x-shard: sy4-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:13 GMT
x-id-fe: sy4-hw-edge-gc11
cache-control: max-age=31622400
x-id: sy4-hw-edge-gc11
access-control-allow-origin: *
x-cached-since: 2025-05-04T11:44:29+00:00
server: nginx

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cs.admanmedia.com/0a28772f54bab302b4cd3d4ab3d49473.gif?puid=6e30751563e5461ea43f96ca8c752fa5&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D41783197-9E0A-46F4-B576-C7B3694019...
https://inv-nets.admixer.net/adxcm.aspx?ssp=41783197-9E0A-46F4-B576-C7B369401968&id=9a6dbaa7-64c4-4c7a-993b-60a8942cacd6
https://m.trafmag.com/images/1px-matching-go2net.gif?id=028644170b0f4fc192b65c3ce12c5d63

35 B
349 B

1644ms
615ms

Image
image/gif

193.200.65.6
giveme-cloud GIVE...

General

Check archive.org

Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=028644170b0f4fc192b65c3ce12c5d63
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"
Date: Mon, 26 May 2025 20:50:59 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

Redirect headers

Keep-Alive: timeout=25
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=028644170b0f4fc192b65c3ce12c5d63
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
P3p: CP="NID DSP ALL COR"
Date: Mon, 26 May 2025 20:50:57 GMT
X-Xss-Protection: 0
Server: nginx

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://sync-service.net/ssp?token=QW2e7t5kKis0&pl=community
https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=43630160befdf5e35268aa93e4422844

43 B
463 B

101ms
100ms

Image
image/gif

23.108.103.10
LEASEWEB-APAC-SIN...

General

Check archive.org

Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=43630160befdf5e35268aa93e4422844

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

HTTP/1.1

Server

23.108.103.10 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Keep-Alive: timeout=25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 43
P3p: CP="NID DSP ALL COR"
Date: Mon, 26 May 2025 20:50:57 GMT
X-Xss-Protection: 0
Content-Type: image/gif
Server: nginx

Redirect headers

Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=43630160befdf5e35268aa93e4422844
Content-Length: 0
Date: Mon, 26 May 2025 20:50:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H/1.1 200
OK pixel
cm.g.doubleclick.net/ 43 B
0 1381ms
1381ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NmUzMDc1MTU2M2U1NDYxZWE0M2Y5NmNhOGM3NTJmYTU=&google_cm&gdpr=&gdpr_consent=

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 43
Keep-Alive: timeout=25
Date: Mon, 26 May 2025 20:50:57 GMT
P3p: CP="NID DSP ALL COR"
Content-Type: image/gif
X-Xss-Protection: 0
Server: nginx

GET
H/1.1 200
OK pixel
cm.g.doubleclick.net/ 35 B
0 3089ms
3089ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmUzMDc1MTU2M2U1NDYxZWE0M2Y5NmNhOGM3NTJmYTU=&google_cm&gdpr=&gdpr_consent=
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: HTTP/1.1
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"
Date: Mon, 26 May 2025 20:50:59 GMT
Content-Type: image/gif
Connection: keep-alive
Server: nginx

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://server.smartytech.io/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D17669FAA-B4BA-4D29-A46F-9415F4FCBD4F%26id%3D%7Buser_id%7D
https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=a0c7a7b2-cac3-470c-83b5-d91cd54bc592

43 B
463 B

181ms
94ms

Image
image/gif

23.108.103.10
LEASEWEB-APAC-SIN...

General

Check archive.org

Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=a0c7a7b2-cac3-470c-83b5-d91cd54bc592

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims

Protocol

HTTP/1.1

Server

23.108.103.10 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Keep-Alive: timeout=25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 43
P3p: CP="NID DSP ALL COR"
Date: Mon, 26 May 2025 20:50:57 GMT
X-Xss-Protection: 0
Content-Type: image/gif
Server: nginx

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
location: https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=a0c7a7b2-cac3-470c-83b5-d91cd54bc592
pragma: no-cache
expires: Wed, 11 Nov 1998 11:11:11 GMT
content-length: 190
date: Mon, 26 May 2025 20:50:57 GMT
content-type: image/gif
last-modified: Mon, 26 May 2025 20:50:57 GMT
server: nginx

GET
H2 200 cookie
cm.adform.net/ 35 B
0 1812ms
1812ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D512314CD-BFD7-44B7-86B8-F2BB66C4795E%26id%3D%24UID
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Mon, 26 May 2025 20:50:57 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET /
csync.loopme.me/ 0
0

GET da8470a7dda716277c26e6b5a3905b8c.gif
cs.krushmedia.com/ 0
0

GET
H/1.1 204
No Content bf9ce15acae6a411e6b220198588be2c.gif
cm-x.mgid.com/ 0
0 1402ms
1402ms Image
text/plain

General

Check archive.org

Download Go to Show image

Full URL: https://cm-x.mgid.com/bf9ce15acae6a411e6b220198588be2c.gif?puid=6e30751563e5461ea43f96ca8c752fa5&redir=[RED]&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: HTTP/1.1
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: 0
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5
Date: Mon, 26 May 2025 20:50:57 GMT

GET
H/1.1 200
OK pixel
cm.g.doubleclick.net/ 35 B
0 3064ms
3064ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm&gdpr=&gdpr_consent=
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims
Protocol: HTTP/1.1
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"
Date: Mon, 26 May 2025 20:50:59 GMT
Content-Type: image/gif
Connection: keep-alive
Server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
0 443ms
437ms Fetch
text/plain 142.250.188.238
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748292646957&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103211513~103233427~103252644~103252646~104481633~104481635&cid=853114421.1748292649&ecid=224638371&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEIAAAQ&sid=1748292648&sct=1&seg=1&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&dr=https%3A%2F%2Fnews.google.com%2F&dt=Ruto%20unveils%20Sh950%20million%20compensation%20for%20human-wildlife%20conflict%20victims&_s=3&tfd=12593
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.188.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lax31s15-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eastleighvoice.co.ke
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:50:57 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 csi
csi.gstatic.com/ 0
534 B 554ms
233ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~mb5kb234&ctx=0&met.9=1.3qt~2.4kq
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:51:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 204 perf
sg-trc-events.taboola.com/eastleighvoice/log/3/ 0
523 B 144ms
141ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/3/perf?tvi48=-48&tvi50=11108&route=SG%3ASG%3AV&lti=trecs-2209-sccarousel-nebula-adjustments_ctrl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 26 May 2025 20:51:00 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

POST
H2 204 supply-feature
sg-trc-events.taboola.com/eastleighvoice/log/3/ 0
523 B 102ms
101ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/3/supply-feature?lti=trecs-2209-sccarousel-nebula-adjustments_ctrl&ri=5d21397a084401734cd88f2f2bd073fd&sd=v2_5d453594c8eaee4776fa5665468b66d3_e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa_1748292650_1748292650_CLaXrwEQr_NmGKuI8_LwMiABKAEwEDiu_QZA9oUQSODA1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa&pi=%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims&wi=138166648739386155&pt=text&vi=1748292650027&tim=04%3A51%3A01.158&id=24577&llvl=2&cv=20250522-24-RELEASE&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 26 May 2025 20:51:01 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjlkANUI_USji5oNztKTmMDAbCLR5u_4KQvEQJhkDkdc5FJ-X2jqzfMhMKfl0nzHGWjmFY_bgy_KmsLzvE9qt8RT-4JQ

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWyUEhMmDjHTEsPapwauurlqIJBI4xO60Cjl_UB2aslmDEkSvo4iNI8G0e-p5oGN3X-eCYkenMef8VE6jmJMr4P0smKA

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11488&gdpr=&gdpr_consent=[gdpr_consent_109]&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DC4729463-E4FF-4B3E-AAA2-487038DEBF16%26id%3D{viewer_token}

Domain: cs.krushmedia.com
URL: https://cs.krushmedia.com/da8470a7dda716277c26e6b5a3905b8c.gif?puid=6e30751563e5461ea43f96ca8c752fa5&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE2686680-B13A-4730-B79A-59A7FC223B45%26id%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]

Verdicts & Comments Add Verdict or Comment

270 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/eastleighvoice/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_5d453594c8eaee4776fa5665468b66d3_e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa_1748292650_1748292650_CLaXrwEQr_NmGKuI8_LwMiABKAEwEDiu_QZA9oUQSODA1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA
eastleighvoice.co.ke/national/155479	1969-12-31 23:59:59	Name: Value: store.test
.admixer.net/gadx	1970-01-21 07:47:48	Name: am-uid Value: 7d46ca13f9964d488356ee258a8fb0af
news.google.com/	1970-01-21 10:01:00	Name: GN_PREF Value: W251bGwsIkNBSVNEQWlocU5QQkJoQ0F2NnJsQVEiXQ__
.google.com/	1970-01-21 10:01:43	Name: NID Value: 524=hpocSh_rFYzJA9HGLUH2-HoTStnl89MLoQejgW70Izdljxe9pHaChHL6g2KJ7kKZWp12QC19a0G6S9g_DGAa-lao23j931QnxY2MnOqxqJYbOINwQ_DRG-_DdIpMZsfFYudvgYIjcBKNR8jIN0eRqUdQebnFC1jCktPgoxBlHGSygo0Jf9f_bWi5-DIstPbQOQ
.news.google.com/	1970-01-21 15:14:12	Name: _ga Value: GA1.1.1965284944.1748292644
news.google.com/	1970-01-21 06:21:24	Name: OTZ Value: 8099811_24_24__24_
.news.google.com/	1970-01-21 15:14:12	Name: _ga_SYGF1G18MM Value: GS2.1.s1748292643$o1$g0$t1748292646$j0$l0$h0
cdn.taboola.com/	1970-01-21 05:38:23	Name: abLdr Value: 6
.eastleighvoice.co.ke/	1970-01-21 15:14:12	Name: _ga Value: GA1.1.853114421.1748292649
.eastleighvoice.co.ke/	1970-01-21 07:47:48	Name: _gcl_au Value: 1.1.2102401855.1748292649
.criteo.com/	1970-01-21 14:59:48	Name: receive-cookie-deprecation Value: 1
.eastleighvoice.co.ke/	1970-01-21 14:59:48	Name: __gsas Value: ID=8f4b57e43b380a88:T=1748292650:RT=1748292650:S=ALNI_MayR63DiYL7I0tsw1PX0seUs9G-FQ
.taboola.com/	1970-01-21 14:23:48	Name: t_gid Value: e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa
.taboola.com/	1970-01-21 14:23:48	Name: t_pt_gid Value: e9f19009-6bcc-4a43-a5c2-e5b0013c0f2d-tuctf2e59aa
.taboola.com/	1970-01-21 14:23:48	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 15:14:12	Name: IDE Value: AHWqTUm6e9RO6op12sR9NJ2EmoCSVLg1mnDqtsEOzCzOpVOqqToBcR5fHQCNN8s4qmA
eastleighvoice.co.ke/	1970-01-21 06:21:24	Name: XSRF-TOKEN Value: eyJpdiI6ImVDekVUM0ZXSGd5TnhXNVkxbVFNd1E9PSIsInZhbHVlIjoiem5zVUZCR0pqbG1LNjFTYkVQOWVST3dxVmNkb2pjdGJhNjJjcUJRSC9pU0VpREUwOTZ0UFEvQi9rdUEzdy9kbjBxUEtPK1FFRXVKRTlvN1dpSFAwMjljNDhLMFQ4VjFIMjBVWE1acFdHVFNycjJTM1BmTnNTdWJlSm9kcm80M2wiLCJtYWMiOiJiM2ViYmJlMjFiZDFlNzNiY2U4ODg1OWU2MWJlNTE1N2E0MTBlNmMwN2Y5NmYwMjM1OGY5NTQ5YzQ2OThiZjU1IiwidGFnIjoiIn0%3D
eastleighvoice.co.ke/	1970-01-21 06:21:24	Name: the_eastleigh_voice_news_session Value: eyJpdiI6IitmRFloWlg4ekhBUDhtWllhOTRIdnc9PSIsInZhbHVlIjoiVVIzemEzZkxhK3pjV0ZNWXFVUjJ5T1paV2wrdXBDaElnckh5TlZmU2drU1ZOdnQ3V2ZCdVMyL1EvVk1CYjllNDJYZFhqRFNWVGpoTVBtWkIvdzRJT3B3TEc1ZnZySHNwSTZ5UGoycUZRQ2lCb1diUkFpZWJMS0hjZ240WGYxN2oiLCJtYWMiOiIzMjgwNmIxY2ZhZDc1MTM0MTZhODJmOTdlOTdjYTBjZmRiZThkYTRiNjZkMDJlZWJhOWMwZGMzNjJmOGNhOTQ1IiwidGFnIjoiIn0%3D
.eastleighvoice.co.ke/	1970-01-21 14:59:48	Name: __gads Value: ID=cab5c4a1731317ae:T=1748292651:RT=1748292651:S=ALNI_MZTsSJptnMOiOj9S0OXyL3uIgsAXQ
.eastleighvoice.co.ke/	1970-01-21 14:59:48	Name: __gpi Value: UID=000010cc1d77ddd3:T=1748292651:RT=1748292651:S=ALNI_MbgW1rny2zbp-aaf5KBFZ72WwLFiw
.eastleighvoice.co.ke/	1970-01-21 09:57:24	Name: __eoi Value: ID=65d6768c56b801f0:T=1748292651:RT=1748292651:S=AA-AfjZ0oi3XbhA8BtQHVbKBdIk6
.taboola.com/	1970-01-21 14:23:48	Name: taboola_vmp Value: temurtbnative-network
.eastleighvoice.co.ke/	1970-01-21 15:14:12	Name: _ga_24W9KHS0ZW Value: GS2.1.s1748292648$o1$g1$t1748292652$j56$l0$h224638371$d7UsEWKxzffS6Qf4OMGGc4JyVF-_Pg_A4og
.yahoo.com/	1970-01-21 14:24:10	Name: A3 Value: d=AQABBCzUNGgCEMATC3MNJMEVP_AoQOXjBisFEgEBAQElNmg-aA0CxyMA_eMCAA&S=AQAAAr6kGNqU5Q86j09onncQ7nE
.openx.net/	1970-01-21 14:23:48	Name: i Value: 4c59792a-0daf-4ff2-b5e8-1551f8db12f4\|1748292652
.crwdcntrl.net/	1970-01-21 12:06:57	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 12:06:57	Name: _cc_id Value: b9949ef78b32cc527f8e5900f9158787
.eastleighvoice.co.ke/	1970-01-21 12:07:00	Name: _cc_id Value: b9949ef78b32cc527f8e5900f9158787
.eastleighvoice.co.ke/	1970-01-21 05:48:17	Name: panoramaId_expiry Value: 1748897452793
.eastleighvoice.co.ke/	1970-01-21 05:48:17	Name: panoramaId Value: 157cdbc83977f922eac2f5b1d748185ca02cbedc12c3d1090134511c0f07ee73
.eastleighvoice.co.ke/	1970-01-21 05:48:17	Name: panoramaIdType Value: panoDevice
.adnxs.com/	1970-01-21 07:47:48	Name: XANDR_PANID Value: ZjA3yG1W2PuF_1w_X-khMgXtapDl_elnyin3mn0sI8EzFfGffk65InBiD0pt5ouSOEh-qh8Scf2i-RzR1p5cod0lrL_kktQLGFi4mQOmHRw.
.adnxs.com/	1970-01-21 07:47:48	Name: uuid2 Value: 9200913899404831809
eastleighvoice.co.ke/	1970-01-21 05:38:41	Name: store.test Value:
.criteo.com/	1970-01-21 14:59:48	Name: uid Value: 95a9c032-2e1f-4a59-979c-c8709fb12361
.adnxs.com/	1970-01-21 07:47:48	Name: anj Value: dTM7k!M4/0E:2jUF']wIg2E?hdUrh`!@wnfH1Z%NNU)cOg=8Aoh0]sWck(h<194Td/loT75uoN<<5t)Yfm^cA6<$K!0v4ZD4vArZ1.Ul(3n?CKQX_:]/X%W#.wL4W1Qw0q2O8U0
.eastleighvoice.co.ke/	1970-01-21 14:23:48	Name: am-uid-f Value: 6e307515-63e5-461e-a43f-96ca8c752fa5
.openx.net/	1970-01-21 05:59:48	Name: pd Value: v2\|1748292653\|jEvOhIlYiu
.criteo.com/	1970-01-21 14:59:48	Name: cto_bundle Value: HDZF119ZWU1tQllmVjJGUjdNcldDWk44Tld5dWs3NEZFWDRpWWo1eDhCSE5sNiUyRlhEVGx0UXprOEluUVNKM0d5elNCJTJGdXA0WURFM3BYNEdJS1ZZMlVBWE1SY2olMkJBYWhMOFVCSzE3dndDNHZENEhIRmlSMlh0UXYyN2hkaVRuSGxaUGM5Rk00TU1HWHolMkI4aFJ4WGM4STlPcDBWUSUzRCUzRA
.eastleighvoice.co.ke/	1970-01-21 14:59:48	Name: cto_bundle Value: v_vwrF8yVmN5cWRhZnVtYyUyRiUyRnNvbUxyT2NyTCUyRjJJY09iMiUyQlFodSUyRnUzZHlVY3lxbmJnZTFsRWE5bFM5QU9CVkgxJTJCeUFmVkNyTFVnS0diWk1lYm5vS3lGd3A4c3NuamNLUSUyRkxKYVpYWmhtbzZXTiUyQnR2cFh1eU9MUFgwV3R3SUg1ZUxTV1NEQmdSaHdMZm1WWDBMbmdUZkVaRCUyQllZemclMkZIdDUlMkZJQVpVYnFpOFpoeGdjJTNE
.adsrvr.org/	1970-01-21 14:23:48	Name: TDID Value: ec8c0e11-d789-43c3-8963-4631e26db9b9
.adsrvr.org/	1970-01-21 14:23:48	Name: TDCPM Value: CAEYBSABKAIyCwjQwuvRt6iOPhAFOAE.
.ladsp.com/	1970-01-21 05:38:16	Name: cr Value: 1
.openx.net/	1970-01-21 05:59:48	Name: univ_id Value: 537072971\|ec8c0e11-d789-43c3-8963-4631e26db9b9\|1748292654735671
.ladsp.com/	1970-01-21 15:14:12	Name: smn_uid Value: qGrA9oPKr-QORMpAoi6XQChnr1YEMkQ
.ladsp.com/	1970-01-21 15:14:12	Name: lum Value: CMOt8_LwMhIFCAMQ0AU
.socdm.com/	1970-01-21 15:14:12	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzQ4MjkyNjU0fQ
.eastleighvoice.co.ke/	1970-01-21 14:23:48	Name: FCNEC Value: %5B%5B%22AKsRol-qFj9BAooKA8NkTkp-JTqO3LA5uDlMll6oO9R_Q3GqULFjIxdarP3cFTYEQpstCsUj6cLnaxQ3oSP8hsz7DoXIYG4vr6BcIkrhECSm080aks2CY_mz3nbv1uQ58EGiPbT0GRcugZSHJEcGjBJxfQ0DO-EXzA%3D%3D%22%5D%5D
.ads.yehtu.com/	1970-01-21 07:47:48	Name: am-uid Value: 6e30751563e5461ea43f96ca8c752fa5
eastleighvoice.co.ke/	1970-01-21 05:48:46	Name: am-uid Value: 6e30751563e5461ea43f96ca8c752fa5
server.smartytech.io/	1970-01-21 14:23:48	Name: uid Value: a0c7a7b2-cac3-470c-83b5-d91cd54bc592
.mgid.com/	1970-01-21 05:58:22	Name: lmg_usr Value: c8eb7ddc-ee62-4978-b6f8-1690138dfef2
.mgid.com/	1970-01-21 05:58:22	Name: lmg_r Value: 44
.admanmedia.com/	1970-01-21 05:48:15	Name: admtr Value: 9a6dbaa7-64c4-4c7a-993b-60a8942cacd6
.admanmedia.com/	1970-01-21 05:48:15	Name: ac_r Value: CS207:1748897457521
.admixer.net/	1970-01-21 07:47:48	Name: am-uid Value: 028644170b0f4fc192b65c3ce12c5d63
.adform.net/	1970-01-21 07:04:36	Name: uid Value: 6044242541668842607
.trafmag.com/	1970-01-21 15:14:12	Name: vid Value: 8128050351764606

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eastleighvoice.co.ke/cdn-cgi/speculation Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://eastleighvoice.co.ke/national/155479/ruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims Message: Load failed or canceled (net::ERR_ABORTED; HTTP status 404) for rule set requested from "https://eastleighvoice.co.ke/cdn-cgi/speculation" found in Speculation-Rules header.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155479%2Fruto-unveils-sh950-million-compensation-for-human-wildlife-conflict-victims Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://csync.loopme.me/?pubid=11488&gdpr=&gdpr_consent=[gdpr_consent_109]&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DC4729463-E4FF-4B3E-AAA2-487038DEBF16%26id%3D{viewer_token} Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cpP59LHBLV-VyQePfKlDNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.yehtu.com
analytics.google.com
bcp.crwdcntrl.net
beacon.taboola.com
bead8786f6ede6037dc3ba215a40e51c.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
connect.facebook.net
connectid.analytics.yahoo.com
cr-p3.ladsp.com
cs.admanmedia.com
cs.krushmedia.com
csi.gstatic.com
csync.loopme.me
eastleighvoice.co.ke
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
google.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
jp-u.openx.net
lh3.googleusercontent.com
m.trafmag.com
match.adsrvr.org
news.google.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
publish.eastleighvoice.co.ke
scripts.yehtu.com
securepubads.g.doubleclick.net
server.smartytech.io
sg-trc-events.taboola.com
static.cloudflareinsights.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-service.net
sync.taboola.com
syndicatedsearch.goog
tags.crwdcntrl.net
td.doubleclick.net
tg.socdm.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.temu.com
cs.krushmedia.com
csync.loopme.me
www.google.com
103.43.91.210
104.16.175.226
104.16.79.73
104.17.24.14
104.18.29.101
104.21.32.1
108.158.32.47
108.158.32.75
116.202.167.156
124.146.153.151
141.226.224.32
141.226.229.48
142.250.141.155
142.250.188.226
142.250.188.238
142.250.204.10
142.250.204.14
142.250.66.194
142.250.66.227
142.250.66.238
142.250.67.1
142.250.67.4
142.250.72.131
142.250.72.162
142.250.76.104
142.251.221.65
142.251.221.66
142.251.221.78
15.197.193.217
151.101.129.44
151.101.194.58
157.240.8.23
157.240.8.35
172.217.14.78
172.217.167.110
172.217.167.78
172.253.118.84
172.67.38.106
18.244.49.108
182.161.73.136
183.177.68.211
193.200.65.6
204.62.12.209
216.239.32.3
23.108.103.10
34.102.146.192
34.120.135.53
34.96.70.87
35.244.159.8
52.220.85.210
57.128.210.69
57.129.85.132
64.233.188.156
74.119.117.47
74.125.137.84
80.77.87.161
92.223.78.30
004322721c8557331759bc6ddaacbb689b0f0715d688aec82bd056d2d5b5cc3b
09e7b34bf9f57665cb8f18ac431ddfe947f2025235503f9f1dfdd4392d189971
09f12390f8f4fdc9fa63c88574748e0d498d814b7da42a03b191821e43beb2a5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f19ea655835bd09cb706c3052aeeb6bafd4295fe3c651f1debc61e7325573e4
0f7adfc19798b1111acc6b5c6a161fc0d5472d0f0a2245171c9b6ae65e7f63d5
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
122cdbb74af7b21db1b0af1b1d0322e05f7facf2bf251e37a61ad4d0c4d62193
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13024f25dbadd93ff00508fd70e64f7c0ff7f61e5f5e971dc07e9d00520ad7c5
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19793fa28dc161337ef315aa45c7321c0a1c231a0c9de23d3bc85e4f5fb224d4
1bf1f03b1032c3915a6690cd36b0ba29edd8feefd6169c3b6bf2f24a9fdef64b
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8
1fcd7b8a4ee87762e7a51b03a48a7127b4b462137c78d8a721701aae0b458c8a
21a3cb89f3357ac7c5b7b0ac0fb823850ddbe43bdf2517132bee0937b084cb88
23d2e77961e64829183d726e3ceb51d27e07f8da186d58bc72dbe3c629dc5022
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26204f2d748197a88f8b839f1a741a1b585e64a44cc6e1d907796594dde35d1b
27e847108969b0bde29a39b7c686d806dcd8d985ecec56da93d21d905f9d1bc8
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2d6f840179b6bc59aa20eb0a3c932a9caad8a08658d46565461e04dd0f6e4fe9
2dcf5d143cebc1d392322175611076734a5f484e4cd691c84e5b75dbb81e062e
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
2fd059098e52e1092d6a5fe03ba4aa5e6d2d8f2cf48a3cf1dcaf73888432ad38
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
32bb7cb99bb2ffb5b46efeed845a241336eb27cc959be9865c6e17629dc36e33
3363b12bb54df1197afae930727f2ae82b4fe80e75f4d78bdf7c7eaf8566fd9e
3698ce126bb838c3e38999d169d530fa3f153785168a15253c0685f8b7ccce14
36de11b4a09f8cf28a1af52db476c473b93176cbb19db0f4da95821bffb86398
3720dd359056e021bfe3bef07ba58c8e960cbebf30e2b786f46d8f10b52ea8aa
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3c356df94c07e04177de36f04918c185017941fcd188e60086b68e60b4dd347e
3d73904d0d2eb17d468d56d0ea761efa551a9e65d425a419e88abfad9dc0f045
3e0a7e758b7310d67b0bbdebab18cd5b2fa5ff9abd61be6ea5b23b9db360cf9f
3e79535a24928a654e7afec5673fc1131770b3da730bd92a215f84d020834d92
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
43fe7cc6db1c3739aeb83e2496de0dd49feaf3aeee148bbb99f2aabd682f9347
464e23b0bd9a539e44367a4c76148ada0d0646ed5a26a86c9cb2eeaafca98adf
48df741978c7764df41197d7f628ea6a8d25c32dae087888a9825d3dec8dafd3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6e03a25fe39edee0dc6bfe94a40b9dd5f8780133a58368b40d65176ae7326c
4d2cc16b87d3f592e8775a33b10cdcf583b507ccc15fc697f50ec97c74c38ed3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea94890f416dfcc8d5eab3b357ec1abdee7d4c6422820a3db9207b7157c4fa8
5325d6492fc15533cb027a27f72a358876bbb155fb21ee5199de1d0e46d7d0de
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54c9b3c957e28e867df94e9673792a2bcdc34892d62de6687c8f0a7e2d293381
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
589428b9332ad97f7450c8be805677f80616cd78d9c7b364c226487b90fed3ac
59a4a5a1b30d5f108456b4419eead16cfd847217f11705829062f37982c97baa
5c331ebce9508fa836a01cd627911279a6dd6f1efb383a4e20e065143f6e596b
5f8147c963d97bc4f2739e5bcbbee007223d1a5de882536ac6d34c0365c2b312
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
64f4daca5f56a31f51a54e054df825b8d6a53d0812aeaa7ca1afba2e941b4566
69df9520e73d741f328f7a40e279710499d1e2af1a81de60b2be855802f0745c
6ac8891574bd35cb8a15af8e214ec751a1db35c59edbaf8b816d3d4c50a54089
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9ae1fa0d1fc51ee0ad3feb565083bee200289c71bb346020f9b3d80cf73636
6e763114762011985518007523e50ad5db3f86101e98cee9fbccabeecd388589
72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7518700726118d28b761ee21f048edd1b766b60e6961a1d3c2f2896e727e96d8
76568c23cac62579ba0b8cd15759dee498de7188b569bb25f717d7afbb27ae47
790a7889e7906ca38d41411080df22db92cda949461a038c6698560324643f83
7b9ae8764c65a909e7c7529db59fd7427f243fd849152f9712551d72ac075591
7cc3060943bf2005229356db602bca7d008c6f8e13d4c6c14bf0866f6ed15f00
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
825535f6086afe68efe2645368cbea451b61a64f3a2b6b85322f2c2c74e968cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84645b7b9df42ec0330ddd9a5c06b0d6274e59cb995bf2ff1566e1cf88635e52
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872c2243a3a89f9f017a6397c835014e0664b82be6540187d5f81f3e028b49f6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ad865c441a5bb3e246dfb1d9bac156fe018430bc2d14a183051c8c5a10453bf
8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
8f765f46feb4ef0b72b6c41cef05777f2219ca44400843f7a5067b970b26db8a
91809e6416cb7fc02c82a7365a7646d9ccef59f50ef3fb8499dbcf4d20897ba7
9379024a28c9882e60b18b75fa610825373c8527b32cf95d97824ba2c81ffb07
93cfceb9814fd5ab989049bef9838061d1e2448453093a95ea179709ee89eb75
98d303534aea59140aaa9d34faaf447f5bdfab66b5f9365ad2249489c9aaaf52
9937b9d3aef84b55c869f13038c3e3999bf74f3cde3fdb5f50663ca22d69b929
9b8a358e7d18c80b971d4fd87a77da65951ac60bd62216a76076be7a04ee9c3b
9cdb904ccfcca68a9aaf53e0e9353ac724c70189f291be2d71439e786250c9e0
9db1d1c06b354247e2ece4380dbe155e43e7727ab219babf30a0f315bc43e29c
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
a11feac2edff6d483f55354f6da985d0aac66732ee6ee2d55867a9e1b38654be
a18d411b65c2e37489f0da4b898e68ce245f459b17b78703bbebfc3f0474f92d
a1eaab8c8682f4c3cea300b40aa92a09eefb78c126d2b73299cb92dd95c533c1
a38476dcbd8462d7d445bf05b9c97256b865a86f847fbf3fbf543b6f07f06b5f
a47c063164c2325d45de71f6ae2f8fc296c798f0c65325d2132d7a869c435e58
a5178c82ad3d32ceafb6ea5297ad34833da1f8f34fa8bd97cde1c29255bfc569
a6b0af6bc7027a520060d17b3dba0fe1b341c5366c863fe32c0db3d10a433da9
a8955009c464cb17a8cb61a6331c21976e1d497055577048469acb86bec93e09
a9ab778b146c9df25c1cf038981a887c6ecf97f26b548606581c69af2468551b
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
aa64a4aec31e212ad343ac21d26c41924c81dc63ca30b05a8c53eb2756cb9b60
aa981f57b9f4f27cb54004da1c74bd5c3bd96e05c481a12e64c315ed9670f375
ad54c3d6304bb8e9633c9d2790f7588a9144e5950adca78b0cabcda9cda92457
adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4
b1458b72649136a763345013072eb3514cc23cded56be7db13b180b0c817b25d
b19a3eefc5a585cefd5f98d2f6b7b1334fdffbd15b3de209c383b31c40360d8d
b32251772776634bd41259d6845b2251150a7e22d279acca91108a105d7d9b50
b4aa813243a8fb5d8a1f88a92ec96c1984e0a8db4a5c2ff6663f767ebf749cd4
b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b77e839aee33d67ff170eff4e9b2f24dd7346c312d0e982e90f1a5c70911f4bc
b7b185c477c10f5bb0f3e5437358183a243ce99d74c7e279a0ea38eebd379645
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d
bf4eb6049325d3e479c1fbebc35d1b47f399a21cca74ed75bf7e3a4365cddf21
bfa155dd2fcfaa5c52b48e4b13c2c58e0cef179f2f17b2084a85705351741e15
c031889066cbf89f3e46896026c575beb96d9021c76d639e4cfab10e69711ae9
c3cfcb9c36740ffabea8d5e6d4deb3c040834b0b4f4a48d5d91bde7e792039cf
c3f8c3da4430d08cda67d76bb22d139eb22bc7f85fb703e2121163dd2ffac787
c56433b01c5d7a212744d09a96f601232a5f9a34147c927997d9cdffd6cfb097
c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f
c96857083ddc556582862f666dee1d2f385dc810a2bb1681de53d35fe85f41f2
cceb28237867d40445d039bb9d45e386d74976840736203f7d75e2ad5233929b
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d19c4497e74d970fad7a11881497e8ac0a977c8fac81a777859a2175b5b58c5c
d23a1ca7986eb2495a15421cd5070d51f3321817b44107acb3342569c312d0ee
d300ec3dd9e47baf4ff831fec237d1fd572ef47e554202a70a3b57c13699dc67
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d5fa7a2c049f9332b2d84b2e0a35ff1cb03ad3eabd4edd26a87a215bd1f02057
d6e4198d8e435c95395abb7aa994483357b22bad1f60a91e31e3de92e0d9b8c3
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d7e5b5fe8044514bca490102b36bab62a655084651ac2ec693d3965ac3ed1e7f
d84ed37229a5ad3424b737517d9700dcc15f4021baa61b76161a198d69cff347
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
db65b81317465dcf9f1f48bf14ab29bcaa48b292e9bd034e7e4ce7399e1fd166
de2674d6873d10657cc86145bbeaef6574b1cc96beab1b8c53acd97b5cdd60f6
dfb1e01b621765c78a051d7744197bdee1e411a436a4445e25067ef83d89df50
e021cf3ee08b725c23a465eda2a33b3f7c8797b9feaaa193dc432fe43f166163
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ed6cc2a13fd1de0a856298c57440fb4c9965bf97cce5081c491d89503712b6
e5d6272b39ba6ac3d0ad3eb9a7d81b1bba4aa88bec6e58b6aafc20b8019968e0
e6eef82c0528d181f7d805e6785d49aa051170f8c94e6347b33bddcf21bdd200
e80b856a086cbdc9585ff3dbd633cc875d4af4a58d559cbe3d3531de5751fc8d
e915835a54bc9c9bb86f2372ca9e010e168edb10fabc6922e5339eacc233a677
ea2eb194f721917932941a998262077a3ede3fc35c39697b552550ddd2a9ed8e
ebe618469d4216b66fbb4b321f61b464a4c53b41ff239858373bd8345f3a6103
ee30afd22f5ade5c9a6907ec3828481020d7725b5b00d79ec50b8629c8dc1319
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6c2e4b522b9a454d1a0c9c58f55eadbc5978d0bc181ec3d54c5ae3c91539279
fc7a1bc28ca158c9578bc5edf3627755aeda0e2e80b61b078129cbd5ff4dbdb9
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

eastleighvoice.co.ke Open in urlscan Pro 104.21.32.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

89 %HTTPS

0 %IPv6

42 Domains

70 Subdomains

53 IPs

9 Countries

4982 kBTransfer

13823 kBSize

59 Cookies

24 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eastleighvoice.co.ke Open in urlscan Pro
104.21.32.1 Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

89 %
HTTPS

0 %
IPv6

42
Domains

70
Subdomains

53
IPs

9
Countries

4982 kB
Transfer

13823 kB
Size

59
Cookies

245 HTTP transactions
3 data transactions