eastleighvoice.co.ke Open in urlscan Pro
104.21.48.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTN...
Effective URL:
https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Submission: On May 27 via api (May 27th 2025, 1:50:24 pm UTC) from DE — Scanned from AU

Summary HTTP 242 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 40 domains to perform 242 HTTP transactions. The main IP is 104.21.48.1, located in and belongs to CLOUDFLARENET, US. The main domain is eastleighvoice.co.ke.
TLS certificate: Issued by WE1 on April 30th 2025. Valid for: 3 months.

This is the only time eastleighvoice.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	142.250.66.206 142.250.66.206	15169 (GOOGLE) (GOOGLE)
1	172.217.12.138 172.217.12.138	15169 (GOOGLE) (GOOGLE)
3	142.250.76.104 142.250.76.104	15169 (GOOGLE) (GOOGLE)
8	142.250.66.227 142.250.66.227	15169 (GOOGLE) (GOOGLE)
1	142.250.67.3 142.250.67.3	15169 (GOOGLE) (GOOGLE)
3	142.250.76.110 142.250.76.110	15169 (GOOGLE) (GOOGLE)
8	172.217.14.78 172.217.14.78	15169 (GOOGLE) (GOOGLE)
7	142.251.221.65 142.251.221.65	15169 (GOOGLE) (GOOGLE)
22	104.21.48.1 104.21.48.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.175.226 104.16.175.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
17	108.177.97.155 108.177.97.155	15169 (GOOGLE) (GOOGLE)
4	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
3	172.253.118.84 172.253.118.84	15169 (GOOGLE) (GOOGLE)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	64.233.188.154 64.233.188.154	15169 (GOOGLE) (GOOGLE)
2	64.233.189.113 64.233.189.113	15169 (GOOGLE) (GOOGLE)
1	182.161.73.173 182.161.73.173	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.29.101 104.18.29.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.158.20.65 108.158.20.65	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.158.32.47 108.158.32.47	16509 (AMAZON-02) (AMAZON-02)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.91.181 13.33.91.181	16509 (AMAZON-02) (AMAZON-02)
1	172.217.167.97 172.217.167.97	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	173.194.174.100 173.194.174.100	15169 (GOOGLE) (GOOGLE)
1	64.233.189.157 64.233.189.157	15169 (GOOGLE) (GOOGLE)
4	142.250.67.2 142.250.67.2	15169 (GOOGLE) (GOOGLE)
2	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
3	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
1	74.125.203.101 74.125.203.101	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1	54.179.82.148 54.179.82.148	16509 (AMAZON-02) (AMAZON-02)
1	183.177.68.211 183.177.68.211	10310 (YAHOO-1) (YAHOO-1)
3	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
11	92.38.145.145 92.38.145.145	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
2 2	108.158.32.67 108.158.32.67	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.169 124.146.153.169	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 28	141.226.229.48 141.226.229.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	151.101.66.58 151.101.66.58	54113 (FASTLY) (FASTLY)
1 2	103.43.91.51 103.43.91.51	29990 (ASN-APPNEX) (ASN-APPNEX)
1	116.202.167.156 116.202.167.156	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	204.62.12.209 204.62.12.209	46636 (NATCOWEB) (NATCOWEB)
1 3	23.108.103.10 23.108.103.10	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
1 1	8.2.109.250 8.2.109.250	46636 (NATCOWEB) (NATCOWEB)
1	193.200.65.6 193.200.65.6	6681 (giveme-cl...) (giveme-cloud GIVEME CLOUD SP Z O O)
1 1	146.59.69.183 146.59.69.183	16276 (OVH OVH SAS) (OVH OVH SAS)
242	50

5 142.250.66.206 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.12.138 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s19-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.14.78 (United States)

ASN15169 (GOOGLE, US)
PTR: lax17s38-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.221.65 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.21.48.1 (None, )

ASN13335 (CLOUDFLARENET, US)

eastleighvoice.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
publish.eastleighvoice.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.175.226 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.66.226 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 108.177.97.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.188.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.189.113 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f113.1e100.net

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.173 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.20.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-65.syd62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-47.syd3.r.cloudfront.net

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.91.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-181.sin2.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net

2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.174.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: td-in-f100.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.189.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.203.101 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f101.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.82.148 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-82-148.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.177.68.211 (Hong Kong)

ASN10310 (YAHOO-1, US)
PTR: e2-ha.ycpi.aue.yahoo.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 92.38.145.145 (Atlanta, United States)

ASN199524 (GCORE G-Core Labs S.A., LU)

scripts.yehtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.221.78 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.32.67 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-67.syd3.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.169 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 141.226.229.48 (Singapore) 1 redirects

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sg-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.58 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.91.51 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.167.156 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.156.167.202.116.clients.your-server.de

ads.yehtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.62.12.209 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

sync-service.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.108.103.10 (Jurong Town, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.109.250 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.69.183 (France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ngx-pl-01.greencuttlefish.com

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 1001 beacon.taboola.com — Cisco Umbrella Rank: 1893 trc.taboola.com — Cisco Umbrella Rank: 967 sg-trc-events.taboola.com — Cisco Umbrella Rank: 38904 sync.taboola.com — Cisco Umbrella Rank: 1598	297 KB
33	google.com 3 redirects news.google.com — Cisco Umbrella Rank: 6756 play.google.com — Cisco Umbrella Rank: 60 www.google.com — Cisco Umbrella Rank: 9 accounts.google.com — Cisco Umbrella Rank: 30 analytics.google.com — Cisco Umbrella Rank: 240 google.com — Cisco Umbrella Rank: 1 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 588	332 KB
25	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads.g.doubleclick.net — Cisco Umbrella Rank: 71 td.doubleclick.net — Cisco Umbrella Rank: 484 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	308 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 151 2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 220	304 KB
22	eastleighvoice.co.ke eastleighvoice.co.ke publish.eastleighvoice.co.ke	2 MB
12	yehtu.com scripts.yehtu.com ads.yehtu.com	211 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	196 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3385 google-bidout-d.openx.net — Cisco Umbrella Rank: 3319 us-u.openx.net — Cisco Umbrella Rank: 794 jp-u.openx.net — Cisco Umbrella Rank: 8728	2 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	67 KB
3	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 4408	1 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 524	8 KB
3	google.com.au www.google.com.au — Cisco Umbrella Rank: 17609	191 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 296	164 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 118
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 100	258 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 392	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 496	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 10402	863 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 922 id5-sync.com — Cisco Umbrella Rank: 560	31 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 3683 ups.analytics.yahoo.com — Cisco Umbrella Rank: 790	9 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1352	13 KB
2	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 3979	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	75 KB
1	smartytech.io 1 redirects server.smartytech.io — Cisco Umbrella Rank: 8971	611 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 154190	349 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1435	409 B
1	sync-service.net 1 redirects sync-service.net — Cisco Umbrella Rank: 12962	378 B
1	temu.com www.temu.com — Cisco Umbrella Rank: 902	498 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 2724	855 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3095	4 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2504	3 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1633	7 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2575	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 1030	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 4968	268 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 585	7 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 102	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	3 KB
0	loopme.me Failed csync.loopme.me Failed
0	krushmedia.com Failed cs.krushmedia.com Failed
242	40

	Domain	Requested by
27	sg-trc-events.taboola.com	cdn.taboola.com
17	pagead2.googlesyndication.com	eastleighvoice.co.ke pagead2.googlesyndication.com securepubads.g.doubleclick.net
16	securepubads.g.doubleclick.net	eastleighvoice.co.ke securepubads.g.doubleclick.net news.google.com pagead2.googlesyndication.com
12	eastleighvoice.co.ke	www.gstatic.com eastleighvoice.co.ke
11	scripts.yehtu.com	securepubads.g.doubleclick.net scripts.yehtu.com
10	publish.eastleighvoice.co.ke	eastleighvoice.co.ke
9	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	play.google.com	www.gstatic.com
8	www.gstatic.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net
5	news.google.com	1 redirects
4	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
4	www.google.com	eastleighvoice.co.ke www.googletagmanager.com
4	cdn.jsdelivr.net	eastleighvoice.co.ke securepubads.g.doubleclick.net
3	inv-nets.admixer.net	1 redirects eastleighvoice.co.ke
3	trc.taboola.com	cdn.taboola.com
3	gum.criteo.com	static.criteo.net cdn.taboola.com gum.criteo.com
3	www.google.com.au	eastleighvoice.co.ke
3	analytics.google.com	2 redirects www.googletagmanager.com
3	accounts.google.com	eastleighvoice.co.ke accounts.google.com
3	cdnjs.cloudflare.com	eastleighvoice.co.ke cdnjs.cloudflare.com
3	www.google-analytics.com	www.googletagmanager.com eastleighvoice.co.ke
3	www.googletagmanager.com	news.google.com eastleighvoice.co.ke www.googletagmanager.com
2	ib.adnxs.com	1 redirects eastleighvoice.co.ke
2	match.adsrvr.org	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	cr-p3.ladsp.com	2 redirects
2	us-u.openx.net	google-bidout-d.openx.net
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	td.doubleclick.net	www.googletagmanager.com
2	oajs.openx.net	1 redirects eastleighvoice.co.ke
2	syndicatedsearch.goog	www.google.com
2	connect.facebook.net	eastleighvoice.co.ke connect.facebook.net
1	server.smartytech.io	1 redirects
1	m.trafmag.com	eastleighvoice.co.ke
1	cs.admanmedia.com	1 redirects
1	sync-service.net	1 redirects
1	ads.yehtu.com	scripts.yehtu.com
1	www.temu.com	eastleighvoice.co.ke
1	sync.taboola.com	1 redirects
1	beacon.taboola.com	cdn.taboola.com
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	google.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	partner.googleadservices.com	www.google.com
1	cdn.taboola.com	eastleighvoice.co.ke
1	static.cloudflareinsights.com	eastleighvoice.co.ke
1	lh3.googleusercontent.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	news.google.com
0	csync.loopme.me Failed	eastleighvoice.co.ke
0	cs.krushmedia.com Failed	eastleighvoice.co.ke
242	65

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
api.whatsapp.com
x.com
www.tiktok.com
www.youtube.com
whatsapp.com
popup.taboola.com
lp.compareclub.com.au
in.blissy.com
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.news.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
upload.video.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.google-analytics.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.gstatic.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.googleusercontent.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
eastleighvoice.co.ke WE1	`2025-04-30` - `2025-07-30`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3 months	crt.sh
*.g.doubleclick.net WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-03-05` - `2025-06-03`	3 months	crt.sh
accounts.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-04-27` - `2025-07-26`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
*.googleadservices.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
syndicatedsearch.goog WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-11` - `2025-07-04`	3 months	crt.sh
oa.openxcdn.net WR3	`2025-05-11` - `2025-08-09`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2025-04-12` - `2025-07-11`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2025-03-25` - `2025-09-18`	6 months	crt.sh
id5-sync.com WE1	`2025-05-24` - `2025-08-22`	3 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
*.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google.com.au WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-02-24` - `2025-08-20`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.yehtu.com GoGetSSL RSA DV CA	`2025-03-13` - `2026-04-12`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Frame ID: 0A31FF058F4E7E3986A527B760F4E18A
Requests: 188 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: E81E5F13FCD1E2E3AA6E335F29EF9791
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads/i/iframe.html
Frame ID: 98874FDFE99D5B7CB9E5F0E6D4D0EE80
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E6D847E13FB53C43BFA3D52850251FC6
Requests: 1 HTTP requests in this frame

Frame: https://2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 48B5256A9B94EB3570B8B1D189592905
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=signin_with&shape=rectangular&logo_alignment=left&is_fedcm_supported=true&client_id=481326698458-mcrfe6h7clrbbko95p9btt573bii4feq.apps.googleusercontent.com&iframe_id=gsi_829628_567597&cas=w%2BlzYNAdQrjMPw3hBUYmUBut3IDdcESgp7mAWE5HYvk
Frame ID: B25C2BA3BDEF6F50654C43B9E8E78D1F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1005654510?random=1748353829746&cv=11&fst=1748353829746&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 171EC7A5FEEAC2228952D7E9EDFA9D05
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1005654510?random=1748353829777&cv=11&fst=1748353829777&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DMaureen%20Kinyanjui
Frame ID: 81743656E34EF6BAF23C8AEBF1408F32
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Feastleighvoice.co.ke
Frame ID: 362A6444AE33133FBC9F8D670772E2D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: E2AC43E3437C0B884AA2C671E56CF00F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701068765942733&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748353829&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A192%2C2%3A192%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.07881135168149486&aiapmi=0.16&aiact=0.7202448128909672&aicct=0.7&ailct=0.6476539709848911&aimart=7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748353829393&bpp=23&bdt=863&idt=486&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=413467138627&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092201%2C31092619%2C95353386%2C95360610%2C31092611%2C95361622%2C95359265%2C95360957%2C95360294&oid=2&pvsid=8177430155033987&tmod=948951005&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fnews.google.com%2F&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=521
Frame ID: 8EC6220F01811736AE10C62312B49ABA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke
Frame ID: FF104EF5E757A4601F82765059A82C05
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5hqLmZN_1HVE21R-DXfG2Wg3U60uvBSxVehxd0ON6qUjK-lNLuVq3h3iWQ4Ihz53MiQMrXbnfiCTu8zxHUs1TqoqFQmK4B36R_zTCaed88FH0XsbBx4L0ZJyJIaGPoR1KZqR3RP9jp4a21KUVPViMX-TcjTA7HIh_r9txDJHsNdwGIq_I32ss7VsE-nTzFs8TUN2gupSP57wyMPwS2X6lWwHkYuiQtb9deFfpDJxkR7Br0NKr2Q_s6kDldVK9qqMM8O8b8lGwhkDMjy_a_S82SmhMSNx62YG4B1eY1jWzNmhLLjqMznXN1gjYc7On6TrBp9FgAw8dgUKMskclOw3YlfXta7y1d5sNQCOI4pehmnODyCaUQLg6xeK3nEn3u3Ik-lrdiKwpWfieVfYRvPZQ0AYi8l0&sai=AMfl-YQnNEiwStSYtMqHgQiHYwBPPNi1RgTT6y2cEpPGH2zZs6caCLhpFXBmbF0zhxvff3hr_F4q5giUhHx_fRncORJXPqpai9lWYDgsBqAtqBSEep2gVT6yb3Se9vPZjJnFCFcPJgWmMYzGkB3OvTc2Fg&sig=Cg0ArKJSzIhxMrJz-OYaEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 35AB7679AB27AAC3675F735901F7037B
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaKXH93fgpG8iOccDmZSAhSTYoEc2Cr3BdX_yMZHOMh-I9O5Cgk8SR6qAzzniEs2xDQJSPF0hBYzHqtnMFIWT1MWC4PC_tUwWkfdmsnY934TlZBNiNAaGEEQ8rgvLqbWgjZa3Tem81Uz-sNKN3xqH1_vSHoB60PEot4KZH-tCD-Xm1vSxnh5ermHtc_gNJ5b9kVpN4r2O9rvNGpCBK337-cuJ-SihiF-tNjSWsSIpCNtRfAnr2Ukc6bZfB9Rz6XjvVvDAt_Id_sLq8UqtiPyfzmzFbzxaTT_D96aXG9Le-KxGa-GSDWDz2A8VnWjERXSwfHw88ITzPmVlGWDXevkVGCrcH9Q0gQPISibwg_DG9n-AfjAPomtAnyWB4w5CO0TbILmLF46bBOtJIl8adORHRT7FJsIUacE6_UQqW0MGAqum5weqXBb6b8VEEkCc&sai=AMfl-YTkXz-q5BDUinVKFcUD0tYwkdZumJmJCxGA8TEv-irdET7pEOLLVQnCmkHklzpmApT8dG6gbgG0HRB9weHNcKHf5TzCeTzMALaNVkKpZADPtw-SrxOMh0WGiAUoZrbx-czM2Fd9_3bpiIbenWMI&sig=Cg0ArKJSzCpr_WXx3BpJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AA898D82B1CB11D2B11AFE8AC11BC50E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv35htgPN8tjKNKrB8s0ZxI_chOskvUgNGPxjHE_-PEdRE1gA2cyS5nZG86u3ayjXEzt7W7Jp2x_qr799jT-ci9R_VMTenG1F8ESBkRlS7CftN2CSsnGdTXqAEw3RcsbWr7GSsvuI-2TY2CHb6EdQMrhJ6zB_nTmrhVgWGKSqgelevrdGkXxURBjIsLv2M-SxgA-6_EIRK7UzPXRRE4Cab1DoxWAEYppP4JFQFLki6r3DffYbCWrharQoHWSfsOZOfgxY7G1wWNUs29LJfu_ueK5SVvVGp8bQGR8tkRtlpNuR0rXzvB2-wpejBcKZIROMOVfvkQqMIvtOEr-TjI5wECGaNsxLyFKN3zFH0Khwf1Lw_Cm_nyEnC8CCSdQvW3EbOFGV9hOmDnOsTNUHsCnDdC5WjDRKP52V4UY3DZo3Zqzemx7KpiDyAEL0jeDtkDhX_kA&sai=AMfl-YQu-0uuL6BbXxaLgRcArMuQJHcwl64FjKPkWNqQ7liVIahU2SFMc9yNfl9Xz8neTEXbRQ69Qbwv6C8I_D1m7jq3Ifuik3CMmmWsBrC9rPxJfbPk-mnkC_oZNstbBtERnXXW9uGVdYG7c88QUInS&sig=Cg0ArKJSzLxuxiwi8hShEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 4486E4E21F6F121760FAC5682F4CBF02
Requests: 11 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C7768E461830905EE11607C05BC24B29
Requests: 6 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7
Frame ID: 885E0D4D89C75BAF20C1FCDB359893C4
Requests: 2 HTTP requests in this frame

Frame: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Frame ID: B8EA48EA761420EFB3047CDADE79FD55
Requests: 1 HTTP requests in this frame

Frame: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Frame ID: D09A6FD0E3869198B3288C5512A1B9AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Why wildlife attack victims face longer wait for government compensation

Page URL History Show full URLs

https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY... HTTP 302
https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY... Page URL
https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

242
Requests

79 %
HTTPS

0 %
IPv6

40
Domains

65
Subdomains

50
IPs

9
Countries

4129 kB
Transfer

11219 kB
Size

59
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EastleighVoiceKe
Title: Facebook

Search URL Search Domain Scan URL

URL: https://x.com/Eastleighvoice
Title: Twitter/X

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theeastleighvoice
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@eastleighvoice
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@EastleighVoice
Title: YouTube

Search URL Search Domain Scan URL

URL: https://whatsapp.com/channel/0029Va7W2WU6RGJLTsR7vg0N
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=eastleighvoice&utm_medium=referral&utm_content=alternating-thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://lp.compareclub.com.au/life-insurance/life-cover-x-daily

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theeastleighvoice/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/Eastleighvoice
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?utm_source=whatsapp&utm_medium=social&utm_campaign=spread_the_word%2C_read_%26_share&text=Check+out+this+story+from+The+Eastleigh+Voice%3A+https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation
Title: Spread the word, read & share

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=eastleighvoice&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=eastleighvoice&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://in.blissy.com/skinhair-taboola

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssP3c6QhFcUsbhyxPMnDXgJw0QPBmcDdhmStDSAT6qwmm92bqGcr82Sl5YkV4iAfXFixbviIudSiQoXdKv0-izPO3r-U2hMSvpnI_45Y1n1uuNEDSNEwmM5aEApsO4fNaivD2DNfZH1r5dYnLBCzAkNljFxNFPaFuBAA08lw1dzUrxU2a_RkFyCo5IGV_FwyEj9_BnGt9GPXnOwZLa0XINAQcZqGa2HBNMVBxjCSz5xQVpfo6ziGPgMDtOqSqftBYpWjeylDDu9-0WVLCySc1mhoe__vjgba6d1R_QMe4ofP30WylnpUkdXfYGjO6u0YW2gyfWgD1-vH1QWVXFixfgnyEiASZxw_3d3zPf4sChYuCJqVQ5ZTQflURhHmaGMVQ4U6A&sai=AMfl-YRl57l2gFl6CSHaoEzwrPGy-_VgLh2s5jdMM7XlKp8IeaMXz4etVH_wYlPTHfA_hk9m-6sXgGhXGWxvm8ZVla_aC9zaGvALC_txC643A_--QEoUjHGWmoD5jsv8jyPFcBvYmYHpT98cE4vFSJd6Hg&sig=Cg0ArKJSzK7q6UMXzPnO&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.facebook.com/amilitopuplimited/

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QAa6sZrFzJFv23YCTy5CLeIp19hmvMegelveyi_rHEZSVSnOCoqx-5B6ujEmwt1u-T37b_cAbDtOBT66tXZf57dgxSLXW-Py5LRQeB3Ri2zQPulI9JC9eJmkCwZ1sRnXGYFDZgbIN0EeO0V7N1as64WWLxZ8TyQ8VWJdJH_L3nu60dlsNbHQB7M_HT8cNyuVYXHw7lAQVh__nS1rrKn2yTyYdIHE7SJu-Btw-TYJ677_QxlvadDJl8R1nxHmtFwpYm1DMtWFKgWClJX47OI8CxIo_dQvn7E-KshOg4TLLojH8BZjA590b0WZ1JIXsqIOaxGSx2fEUmSpy4GQuHqa1JJQxUJKMWcON1LpjAtX9My4cQExXZOC9W7SKRORijjfs1k4fRfXq1XyBwqlyHraatyQ_YOvv9QH1cfLIb-STSuxvoZ__9cR2J483nh66Yh3Rp3JMpLypD7RRsjYh5j_jiHmM8n-rxxEImwic_VCkUMrqP2-af3Ci2a1fUOkWXzHRJJyC-B6VtbB9tWvwbUJArMfHJPvAmQhMMWBVb_outl-K9wPfvIewbX2qVrK-yQIgTjugcMhhjh152ACgD6P2zZxBMGd0Z4ZSJ3T-St3hx61FihDyvYHmVsySSW2btvuFvDStMlQ1vhvknLVkP7YqqcJGBOqYcr53OWRB31ZB-agP1PDyCRNSdVSf2HAg9Xwdvd8SOBfugMeDwpLS_0M45t6fUSw8Moj-V1tKqyrMTilXBLNblIQMHMJ-lNKsL2k8yqTsiI3xKF58kt26Q3whjBSjfQruTNXE6F-hZX41Bahg22sCz5hOdWr9FgaZhcdmySrRqIf6ZtbdYJWcBlfESrg-7tmNZ2gZZ5hA4TKoEmSW7jo4Vhx-pqm24BXeM_wusDj0z7W0iovjUPMKoqaiHyVqYu4HJTB7Ja3Pzw8y0uTUrLCHEgJD5Cmk8Lc-mmTH0dXs1_sfbEP6Vs7O66DJWPWgZrByxXoW596mryV27XSEmZHRmziirrYcHCvBzoyhA6zG13nPpajjfh2B_fnKncOtEzBAgTSUP7lDYiv7Wl2Ft02vh8RTzHmGUltKCjZAb11eDzOzef-xtafG3iUDdfwgwveZn1FmvZEZyLKMbYGcp-PH3tpe84P9XjLxrKesKwIe8N3mHj6XdhjAnE7ZEr5EnkK7CK2gsaTmhXn9ny3dcTo_yW9YpWd4fHylE7gtt8cRjeZa4egt4Z5bW4Wcn_plVRFCyHxO4oV5KvVh9W0u0W-y6YGjx1c69ntifjS5nzfC2S9NnzJStX789dqf8M4X_FcevFKWjbHuXIF5t1_8RzEAblikXBqbHvuuNRzcKEJp4rYkjcq2gNVyGx1_BOvFQKVhcpY1dqQlilCgjNOeLOdDpnj_K5RugLVakyAgIYCs6QjQZeyVGnnCSXzRsZgxqt1tvbr6MTm8XUXYW1JUeM0vjRZETmSw6_KP7WDXkfKc8sAX3HERtc2jNd_pRjHYsZGpILqRejZ0TDtUZ8MFfKP-RKDqyKyKqmGV2WjqzsxOS2rs1RQsOrFZqdz1_tx24f5nrmvIOPPC4nsSp4ADS6x24oUTBdRPeY6TWo1FyKvY6j7HVtTV5KEJ364k4MxKgqBD4oeE-rf2Wk9BV0RwYUgKzBBJ2PwiM_&opi=122715837

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsu-4KAhUGb02uOgW4wkB2I8wBVzTloMV7K-qJTym3xqen5u-bAv-F4WFxL9975ldFAsLQEuZKSK_7nAfHNQNFoY6hPnnb8ZX2m9pCEFbHuWW-jQ8cilvjxDDNEdInRcrwPhw-cyuNCG03TlAlLqpMCWuCv3UvrXDbr5fJtho24d8L0b8degsZ5bS-l5213faASsrK1OtCdty2OdppZA5hH5kFKXDAerflK346sUvm9ky34HkgcTH2WxW2mnamxm21Ygt7xmEU0CUaRZdPYtRmjLGj36zzOyU5TaRUvnPUeSmi-7XsTjQ4Dy2EKsHz4bSme3ACqH1VTWAHBKz_s6FcWskkiMr_1Uyeo-OqwFQ_khS8YmTlh_N8K-AGjjT4nN0eOfMr4ChrRKfcleBVYfHQ6OAhV0yJ_YzFhs_9T8k7WC&sai=AMfl-YRH97ln0MwIRgeLspu8R7Q92IQW9mfCiQo-BHPAUfWUaLkEXMHD6AhWc8kzV2il1CFuoe_LVoBaxWBQ3ZG-nSAT2EYU52OztwYRD5Mwj60Wk9tC7tnetC9zJijS4V5woEYUtX9IPmfa5G5DvUbT&sig=Cg0ArKJSzIerqkU55ObP&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://wa.me/254706899442

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QAy58ia3YIJ3s0JVfefbo79a91PtaO5FdL5Se4RcWdhCsLzUU2pDoA2yf20LlFxusH2ZUzyGit59b07W-UXxY0Qm-PzwuGMMe7O_zx4_7Fkp3sXuf7vwsL0cEe4vLuue1aXodrkb2vBUD3irpAK8NI1ihue4yPL8EKBfrsJIbAWdYbn8_26qRL3cow9y7bVhatUhuE1BRHXcuR49lfz0pZ0mwcWBU6OMSxNQpauNzkeKEMFsXlg1QSBLzPgC0zVi8Rj4IrwbGJK1wWjA7WLOYvSW491o6aDKcUxEq-qHf4vLmwuEhP5Y3DB2fKg8jkO2mzHg-fDqty1lmniR7s2niShu5DYK7mn4IiFaBHlYa0qPWoa2aE7KSO4pQRtlfks1Rv7a3GF8mvR08jqiope16x-06sOrbNTb2fKVMXucBJeRJNKXR7lAXwLj-0VMwJ54lRivXPuWs57hMtpofQYuWc6m_RYqQTbJXkMvqugCUy3tFUoQVp7Jbw7vr0Iy_HRV7a_8bYbza7IGcxXHINka9voBxcnXHOrjHlSjeUvAINaw8T73mzubW5mXfNlHT46uWbQ50Be4Asc0YrDYinLm6IEt1xOt5csoQ1J-llwnQgj6rD7a9vFFZS1i0HnN7z5m_Y7yS3ZQAlVjOQWxVg0q-u1uZY8zUXb4-SHGeMBNJv6vSm7D7UJFLrZtq5iBqNqKkV42ybXXteUMyZ72uP_eLVvXhyy8GtcM8mGnu8WUMDVMsP-aW398kgpzIl27SelOv36325suQR1kz89hYp2SLbgWL4Nya_49YT2OyOm2yqpV1APsB9otaTOUx00sA_YZ652gxe14Lrqu25SWd1owAEasHgLG9lLhSK_nmWyWKNSx5_VYiXAlHwY43gM4dHKGfD9qW7uogT2G5UQa1ZjSmGi4kF2trGZd5BxsiYEG65hZuKWb_pSDdtIjECv8I7Uq_QbuYkxkFocYSleuhQvMIuzWjHQvAdN1_SmqeAES0bjZFoUUWQvOvFGeTfRepm9S3mSdMPCG1_ocIQHIgkv5mzAlgPpET9Nu3hPIL1RJ13PmSPmzXAk0Q7Yy8jN2EXP-ME1WOLsl9irNwZtgPgq3-2oQJt_qyE-ZN-6Riw-FfBJOR-gCNqfieuw-VYh9DJSRApyc-xW5x-PeXufAiDWTFlMfOYhBE8vpeMiEj0WRFOEQuT_Wi75AcvSs7NsECSI9kcnBkCjV8QIiJVcrtqIYa9YJZTuAkSWT2pItNHWqa1kDSvxEhmJcARSd1uSZ8dqoz_m7NQFshKzm4A0vsEhy7k-oCqfAsGdbrLnVeZA11aBSyKJCRHSD_KnSbIT3ngNQOCLhxVWpg9X0TY85I7t4vEdAMko2hnEPy6GVrAXVBCKmgnn26SnU0fTvZaSx_m5QHfgrsJsUNQdCPEzoCbHAowWwAvmS8gZ5FflbuKjalOilepN1haJYErXoirTkhFrPUcupE43RuOieVEQ1d54toS5TYjqVOyTvtlOZq6Cfk20Uyz5QUYrQTL_dJWuYiMnmBGzPDeh1F5oZvn98rnswoR6ijMopytUQmbM-pFcWJ5B5JJTBBHZmA-QYoWPWq1zTp7XiwrHl9fNnLiU-pcnRlS-WNR8inK1USjw_8n3CEjnD2th980xUdtNAq75xUMwZ4rylZ8G9MxmT0c7BDjbj5R7R6WjxDnMIsf0vNFGK0GE6A&opi=122715837

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5 HTTP 302
https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5&hl=en-AU&gl=AU&ceid=AU:en Page URL
https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5 HTTP 302
https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Request Chain 84

https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&rid=esp&cc=1

Request Chain 85

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748353828887&_gaz=1&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=1012548187.1748353830&ecid=1079811452&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1748353829&sct=1&seg=0&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&dr=https%3A%2F%2Fnews.google.com%2F&dt=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=2301 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=5613109224412928230&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F

Request Chain 90

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748353828887&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=1012548187.1748353830&ecid=1079811452&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAAAAQ&_s=2&sid=1748353829&sct=1&seg=1&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&dr=https%3A%2F%2Fnews.google.com%2F&dt=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&en=page_view&_c=1&_ee=1&ep.author=Maureen%20Kinyanjui&_et=35&tfd=2336 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=3448588972077445381&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMn2gAbtt8cn9VgUYx_2moc&google_cver=1

Request Chain 136

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATGYZYZnnpWkks8AKGevVqWQPc8AAAGXEgJPgQ

Request Chain 137

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDXDJ8Co8XwAABhLv.IAAAAA

Request Chain 138

https://match.adsrvr.org/track/cmf/openx?oxid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afb0a195-1f05-4a1e-8f8b-8da9c0b67fe7&ttd_puid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0&gdpr_consent=

Request Chain 198

https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
https://www.temu.com/api/adx/cm/pixel-taboola?id=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7

Request Chain 199

https://ib.adnxs.com/setuid?entity=584&code=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7%26gdpr%3D0%26gdpr_consent%3D

Request Chain 234

https://sync-service.net/ssp?token=QW2e7t5kKis0&pl=community HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=a23a6e8bddd1f423a600d174319fe381

Request Chain 237

https://cs.admanmedia.com/0a28772f54bab302b4cd3d4ab3d49473.gif?puid=c964e881ef124081a3d62e2c785ceb48&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D41783197-9E0A-46F4-B576-C7B369401968%26id%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=41783197-9E0A-46F4-B576-C7B369401968&id=c35f7393-cca7-4b59-9ab4-b21456026bff HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=fbfc2ebce7c5452fa57827e694321375

Request Chain 241

https://server.smartytech.io/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D17669FAA-B4BA-4D29-A46F-9415F4FCBD4F%26id%3D%7Buser_id%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=d5bc4402-0fc8-41af-a38a-20beb1fc4197

242 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9Jb... Show response
news.google.com/rss/articles/
Redirect Chain

https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQ...
https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQ...

592 KB
123 KB

491ms
489ms

Document
text/html

142.250.66.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f14.1e100.net

Software

ESF /

Resource Hash

fb23fd284365260beb2e303ea5530e146e544e8bc2fa037000d4ce7d76a79e00

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-x267DiMhkfdnJ-EkB1nYmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-x267DiMhkfdnJ-EkB1nYmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Tue, 27 May 2025 13:50:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/DotsSplashUi/web-reports?context=eJzjctHikmJw15Bi-LRjBmvrzXOsU4HYUOESqyMQX06_xFokcYW1CYg_Vd1gFaq-wZrEfpO1CIj3zrjFumvjLdZDQCzEw7Gw7fpBNoEXJ5c9ZlJSTsovjE_JLykuLshJLM4oTi0qSy2KNzIwMjUwNbTUMzSMLzAAADjHLsY"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-3htnyqN8XkcDHIS_vuiE8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Tue, 27 May 2025 13:50:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5&hl=en-AU&gl=AU&ceid=AU:en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 60 KB
3 KB 680ms
338ms Stylesheet
text/css 172.217.12.138
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i

Requested by

Host: news.google.com
URL: https://news.google.com/rss/articles/CBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s19-in-f10.1e100.net

Software

ESF /

Resource Hash

4ea94890f416dfcc8d5eab3b357ec1abdee7d4c6422820a3db9207b7157c4fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:26 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 12:51:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
114 KB 299ms
144ms Script
application/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d299622c8d59bfa5b7e1715e6a8ca049e8b8a35b4ff0aab947da8e0f50fd4e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 27 May 2025 13:50:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 116092
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 m=he6YWd,aLI87 Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,... 385 KB
113 KB 184ms
35ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87

Requested by

Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAQDAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2M2PSm2uqRTd7BmrqTvUq5SmXMr7w/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

e3ed6cc2a13fd1de0a856298c57440fb4c9965bf97cce5081c491d89503712b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 73947
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 17:17:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 17:17:59 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 115278
x-xss-protection: 0
server: sffe

GET
H3 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v23/ 22 KB
22 KB 144ms
25ms Font
font/woff2 142.250.67.3
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v23/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

c3f8c3da4430d08cda67d76bb22d139eb22bc7f85fb703e2121163dd2ffac787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://news.google.com
Referer: https://fonts.googleapis.com/

Response headers

age: 458509
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 22 May 2026 06:28:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 22 May 2025 06:28:37 GMT
last-modified: Tue, 04 Feb 2025 19:57:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22056
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 304ms
132ms Fetch
text/plain 142.250.76.110
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SYGF1G18MM&gtm=45je55m0h2v9117462484za200&_p=1748353826628&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=51132559.1748353827&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748353826&sct=1&seg=0&dl=https%3A%2F%2Fnews.google.com%2Frss%2Farticles%2FCBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA%3Foc%3D5%26hl%3Den-AU%26gl%3DAU%26ceid%3DAU%3Aen&dt=Google%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1664
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s24-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://news.google.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:26 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 593ms
253ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 27 May 2025 13:50:27 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 590ms
254ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 27 May 2025 13:50:27 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 m=LEikZe Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=_b,_tp,aLI87,he6YWd... 224 B
249 B 24ms
24ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=LEikZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 66604
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 19:20:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 19:20:22 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 156
x-xss-protection: 0
server: sffe

POST
H3 200 log
play.google.com/ 131 B
151 B 356ms
188ms Fetch
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Tue, 27 May 2025 13:50:27 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

POST
H3 200 log
play.google.com/ 131 B
151 B 356ms
188ms XHR
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Tue, 27 May 2025 13:50:27 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

GET
H2 200 m=PrPYRd,qTnoBf,pw70Gc,QIhFr,hc6Ubd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,_b,_tp,aLI87... 17 KB
6 KB 23ms
23ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=PrPYRd,qTnoBf,pw70Gc,QIhFr,hc6Ubd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

ea2eb194f721917932941a998262077a3ede3fc35c39697b552550ddd2a9ed8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 128542
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 02:08:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 02:08:04 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 6451
x-xss-protection: 0
server: sffe

GET
H2 200 m=P6sQOc Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,PrPYRd,QIhFr... 1 KB
811 B 46ms
46ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=P6sQOc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

ad54c3d6304bb8e9633c9d2790f7588a9144e5950adca78b0cabcda9cda92457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 63194
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 20:17:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 20:17:12 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 718
x-xss-protection: 0
server: sffe

GET
H2 200 m=lW1Lhc Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYR... 13 KB
5 KB 26ms
25ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=lW1Lhc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

6ac8891574bd35cb8a15af8e214ec751a1db35c59edbaf8b816d3d4c50a54089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 86764
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 13:44:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 13:44:22 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 5257
x-xss-protection: 0
server: sffe

POST
H3 200 batchexecute Show response
news.google.com/_/DotsSplashUi/data/ 413 B
292 B 145ms
143ms XHR
application/json 142.250.66.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=Fbv4je&source-path=%2Frss%2Farticles%2FCBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA&f.sid=-6699564720518687444&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=78628&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f14.1e100.net

Software

ESF /

Resource Hash

8250169f5e788cdd39790a85d347bacd84f52f27d17ea9187cf063c2f633296c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:27 GMT
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYR... 4 KB
2 KB 25ms
25ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,lW1Lhc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

3720dd359056e021bfe3bef07ba58c8e960cbebf30e2b786f46d8f10b52ea8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 41266
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 02:22:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 02:22:41 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 1776
x-xss-protection: 0
server: sffe

GET
H2 200 -DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32
lh3.googleusercontent.com/ 2 KB
2 KB 191ms
35ms Other
image/png 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://lh3.googleusercontent.com/-DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

fife /

Resource Hash

b51cbf12828a7779649af59cd4f16f4ae2c5bd0e5d59f594bb605e08734de04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 3507
x-content-type-options: nosniff
expires: Wed, 28 May 2025 12:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 12:52:00 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 1540
x-xss-protection: 0
server: fife

GET
H3 200 m=p3hmRc,LvGhrf,RqjULd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=FCpbqb,LEikZe,P6sQO... 21 KB
7 KB 25ms
25ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=FCpbqb,LEikZe,P6sQOc,PrPYRd,QIhFr,WhJNk,Wt6vjf,_b,_tp,aLI87,hc6Ubd,he6YWd,hhhU8,lW1Lhc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=p3hmRc,LvGhrf,RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

19793fa28dc161337ef315aa45c7321c0a1c231a0c9de23d3bc85e4f5fb224d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 122673
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 03:45:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 03:45:54 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 7523
x-xss-protection: 0
server: sffe

GET
H3 200 m=aW3pY,e5qFLc,O1Gjze,KUM7Z,duFQFc,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=FCpbqb,LEikZe,LvGhr... 153 KB
40 KB 25ms
25ms Script
text/javascript 142.250.66.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAQDAgC0wgAII/d=1/exm=FCpbqb,LEikZe,LvGhrf,P6sQOc,PrPYRd,QIhFr,RqjULd,WhJNk,Wt6vjf,_b,_tp,aLI87,hc6Ubd,he6YWd,hhhU8,lW1Lhc,p3hmRc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MtgYYpuO9d5UbJ_t9UcB52IRwXXw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=aW3pY,e5qFLc,O1Gjze,KUM7Z,duFQFc,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

6e763114762011985518007523e50ad5db3f86101e98cee9fbccabeecd388589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://news.google.com/

Response headers

content-encoding: gzip
age: 93884
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 11:45:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 11:45:43 GMT
last-modified: Tue, 20 May 2025 04:40:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges: bytes
content-length: 40665
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 330ms
254ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 27 May 2025 13:50:27 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log
play.google.com/ 131 B
151 B 353ms
187ms Fetch
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Tue, 27 May 2025 13:50:27 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 327ms
254ms Preflight
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 27 May 2025 13:50:27 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 batchexecute
news.google.com/_/DotsSplashUi/data/ 152 B
187 B 456ms
456ms XHR
application/json 142.250.66.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=xZTw2c&source-path=%2Frss%2Farticles%2FCBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA&f.sid=-6699564720518687444&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=178628&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:27 GMT
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 200 log
play.google.com/ 131 B
151 B 355ms
188ms Fetch
text/plain 172.217.14.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.14.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax17s38-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Content-Encoding: gzip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/binary
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Tue, 27 May 2025 13:50:27 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

GET
H3 200 Primary Request why-wildlife-attack-victims-face-longer-wait-for-government-compensation Show response
eastleighvoice.co.ke/national/155595/ 264 KB
30 KB 1034ms
1006ms Document
text/html 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa098fbde1dd8f8053e4f609e26fd0b6f569cfff3ce1f8fb7f2a8ec888a848a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 9465fb3dbe5bf0d1-MEL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 27 May 2025 13:50:28 GMT
expires: Thu, 29 May 2025 13:50:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsS5510FPHvFnnlInrM%2F4xSbtgAY6iaEth1KovKEEx%2FuaHBkoy54Dzr2UGFTpZ4jwDoeRfNkmRapUED1dqW4C4AkWjXI9A6C0%2FyCqjTWdAlvU3Y5%2B4gzlfcXMuYRgJPM9kRM8RFqrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=11306&min_rtt=10855&rtt_var=2143&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3714&recv_bytes=3407&delivery_rate=217912&cwnd=12000&unsent_bytes=0&cid=1c7a913405039529&ts=1010&x=80"
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 batchexecute
news.google.com/_/DotsSplashUi/data/ 152 B
188 B 159ms
158ms XHR
application/json 142.250.66.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=t11Gyd&source-path=%2Frss%2Farticles%2FCBMiuAFBVV95cUxNdU14cGdUVERZOFRHMUZfaTR1N0Vqam5ReC1HSWZaNmFLcnY5b3A4cXRaZUZpZGZFWTNtcUc4LVY0am9xam8tUW1HOTZaQUNsWDNiZVE5QklKWVFuMDF0RktYLUlhNkItRUFGN1ZMQ2M5dmZQci1uNHFoMGRZWUtoalFyN1I1UUFqaDc1Nk9JblRaSXZiZjJKTGw1d0JEdUQtVWZhVVEwUUIzdTVKNC03S2xERHYwUkZG0gHAAUFVX3lxTE5pa09VWEE1NWRZSlZRZ3JyRjR1cmhoQzZicUZiVVZSdjZOT19UclVqQ3ZMZkVsdHRjRV9STXJyV25vZkJJQ3IyUmZpaGpNT3h5dTdMVG4ydWp3M2xkN3N1ellxMnVmZUdxMjJkbzBSaUpZOHMyYm5zLVkxM2JZX0dMNVpEUFFka2dGSzhlUXZxMV9KMnBlblp0US1VaWFlRXA5QXZKcWNSLTRZY2tLNjFIOVBCelVvT0IwZXk5UkY4MA&f.sid=-6699564720518687444&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=278628&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain: 1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:27 GMT
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 speculation
eastleighvoice.co.ke/cdn-cgi/ 128 B
767 B 16ms
16ms Other
application/speculationrules+json 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://eastleighvoice.co.ke/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSkwYsFZpWt01DcyEu8kH2ax6nLKC%2FQCtWz7nq1XQPGOwtmlZAz3brv%2Bm1SRdYtm0fUOy2kDdlorViE%2Fywd9tc4og4YSXEXlrwdvTRDd7yTpTvWmnlmow9VN4fVdyddVqt%2Fn7xc81g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9465fb446ebff0d1-MEL
access-control-allow-origin: https://eastleighvoice.co.ke
alt-svc: h3=":443"; ma=86400
content-length: 128
server-timing: cfL4;desc="?proto=QUIC&rtt=11418&min_rtt=10855&rtt_var=1139&sent=18&recv=15&lost=0&retrans=0&sent_bytes=9502&recv_bytes=4527&delivery_rate=486834&cwnd=12000&unsent_bytes=0&cid=1c7a913405039529&ts=1085&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/ 79 KB
25 KB 65ms
25ms Script
application/javascript 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k"
age: 1102632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM0A2ZoJ3TdXWLRnb9lgcFtO3egMs4lJXnQLOR6HsZ3I44aM0kNN4SqvvsMXTcimGK92JGG16Q5ZTwfKs7sWVpzFrbBcJSAcV5gfrlvvE1U82IzJ%2F23lfrYDy6WSdKu4YG8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 13:50:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220038-FRA, cache-lga21983-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb461a7398cb-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24668
server: cloudflare
x-jsd-version: 5.3.0

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 44ms
22ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6599bda5-28f2"
age: 1103257
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FLKE%2FZEIT%2FhjZA7bDZapSc77EEgbVuf5lhutP7uefR8rnxLI8bff9M9r%2B6aeAci3st%2FpKi5s2FbWBrnVXZWBMYkrWdFNbww7XajKud80MK8IiBLVIVFMmuI3gOfh%2ByvBedYbEaZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 13:50:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb45fa00d971-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10482
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 227 KB
27 KB 80ms
41ms Stylesheet
text/css 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age: 1207145
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=coefcErUfmRdIvtjptx3XVij%2Bapb8G2u7LbF53vMEFTGeypiyd%2BmHX6mNhjSQ3A5X3jCVNpZBVZEMiOU4120chGas6X0hHzmapi4Gw8cNB0YzHEIUDfRzyi3%2BXEWmCNYLUE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21958-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb461a6c98cb-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27424
server: cloudflare
x-jsd-version: 5.3.0

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons/font/ 97 KB
14 KB 63ms
24ms Stylesheet
text/css 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004322721c8557331759bc6ddaacbb689b0f0715d688aec82bd056d2d5b5cc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"184e4-ptHboTbR5gcHjbMAMHDqs0tR7FA"
age: 14793
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czC4NAkRk4IJuraLRGGFdoyikXCDdOJvdj%2FsV8FxBS4RrLs8m7tuxN1J1r7kVJuS2M7aYZHbIy4Idx7G0u6Wx57%2BWO3mmZVa69zbqodLgxpd2BTlgBftABbgHRSmjcSSVtk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230156-FRA, cache-lga21982-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb461a7298cb-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13832
server: cloudflare
x-jsd-version: 1.13.1

GET
H3 200 theme.css
eastleighvoice.co.ke/assets/css/ 279 KB
41 KB 38ms
36ms Stylesheet
text/css 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb1e01b621765c78a051d7744197bdee1e411a436a4445e25067ef83d89df50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "45b9a-62c867042ac7e-gzip"
age: 1599115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWWk1gRO8foYQ8jbTNI2TaGmvjsLsvwFQaXWiIK4FYvft9c3jNi4DD5Li1dDVjawOvBg5X7uxX0jH9BhTuAG%2BYTBpMQJZ%2BA3ghGLZsYoS9Na6hskcmsq87vmjDPaK%2Fi1cdAgkVQm9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 22 May 2025 21:10:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11363&min_rtt=10855&rtt_var=548&sent=64&recv=33&lost=0&retrans=0&sent_bytes=56678&recv_bytes=9442&delivery_rate=1476963&cwnd=20400&unsent_bytes=0&cid=1c7a913405039529&ts=1328&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/css
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb45dec8f0d1-MEL
accept-ranges: bytes
content-length: 40955
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 demo.css
eastleighvoice.co.ke/assets/css/ 7 KB
2 KB 39ms
37ms Stylesheet
text/css 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/css/demo.css

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4eb6049325d3e479c1fbebc35d1b47f399a21cca74ed75bf7e3a4365cddf21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1a93-62c867042ac7e-gzip"
age: 1004049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SiPe0jupzD57On87rJMAeIE8cVLJ%2FHC7KBtKMr3qQC1id4dsee0P7Br9sKRdhISr%2BUZlB0wDPzGxW0q9XM7mz3HDKtr3cy8fm8LVunS0k2Cv3xf5OYr%2F6N8KdFjN1XZjTSZZhKiO7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Jun 2025 21:10:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11363&min_rtt=10855&rtt_var=548&sent=46&recv=33&lost=0&retrans=0&sent_bytes=36278&recv_bytes=9442&delivery_rate=1476963&cwnd=20400&unsent_bytes=0&cid=1c7a913405039529&ts=1325&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/css
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb45decaf0d1-MEL
accept-ranges: bytes
content-length: 1821
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 style.css
eastleighvoice.co.ke/assets/css/ 12 KB
4 KB 24ms
22ms Stylesheet
text/css 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/css/style.css?v=358e?j8bjxb

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

872c2243a3a89f9f017a6397c835014e0664b82be6540187d5f81f3e028b49f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2f7b-634c2dc32bc83-gzip"
age: 1160504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHQnOTq2kbzFqE5H%2BCL4gq%2BKQKO1a9YZPtEdz%2BWaqH4NexEr7JBdIrpKgWG0DZGQ9lQmpGjd8hF5GwSINjy4gfXxrti4XTCioonIG6M6ee6QqjG6y7J%2BiNHpIWOv3M%2BaUo4FVvkFTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 13 Jun 2025 03:06:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11363&min_rtt=10855&rtt_var=548&sent=46&recv=33&lost=0&retrans=0&sent_bytes=36278&recv_bytes=9442&delivery_rate=1476963&cwnd=20400&unsent_bytes=0&cid=1c7a913405039529&ts=1325&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/css
last-modified: Sat, 10 May 2025 07:16:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb45dec9f0d1-MEL
accept-ranges: bytes
content-length: 3085
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 425 KB
142 KB 341ms
178ms Script
application/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

848fc387460bf7d0354d7068e5edab7c18be6927fd603c1f6f97f294d9c62a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 144206
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 297ms
167ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

a5cef51b0855023a92c51e16bf26a6231b26ffdbcab6f335aa1e38cd0d6c1597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 978 / 20235 / m202505200101 / config-hash: 4677953494289217151
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34653
x-xss-protection: 0
server: cafe

GET
H3 200 push-notifications.js Show response
eastleighvoice.co.ke/assets/js/ 191 KB
41 KB 40ms
32ms Script
text/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/js/push-notifications.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32bb7cb99bb2ffb5b46efeed845a241336eb27cc959be9865c6e17629dc36e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2fd0f-62c86704396de-gzip"
age: 103963
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCYOVwMO9nMWU2vNd4xULd9cjmrtQdpMIWbe7ctPZChie62wtHIo0Svl8NL2WYnE0tEzp%2BsDLu%2Ffi90a6v5HrgEFRvIODAIJ%2FzRIGdRQtO%2F%2FY%2BcFyuT3nUE5QWYpsv1t5Uxq8b803w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 18:54:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14148&min_rtt=10855&rtt_var=2280&sent=184&recv=73&lost=0&retrans=0&sent_bytes=187325&recv_bytes=16370&delivery_rate=2279614&cwnd=64800&unsent_bytes=0&cid=1c7a913405039529&ts=1454&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/javascript
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46aed5f0d1-MEL
accept-ranges: bytes
content-length: 41575
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 314ms
161ms Script
text/javascript 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7701068765942733

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

b21238fda89ecb91849c46b402e407e45a203b66f2190c3b956b3bda9fec1a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 17422673161573345352
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53304
x-xss-protection: 0
server: cafe

GET
H3 200 ads.js Show response
www.google.com/adsense/search/ 137 KB
50 KB 263ms
135ms Script
text/javascript 142.250.204.4
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

sffe /

Resource Hash

a3b907ee6b061a8cd6b007bee5c8546794e9bbba27fa7c0d744bec407b5b7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "5842272111998284514"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H3 200 logo.png
eastleighvoice.co.ke/assets/images/ 34 KB
35 KB 23ms
21ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eastleighvoice.co.ke/assets/images/logo.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11feac2edff6d483f55354f6da985d0aac66732ee6ee2d55867a9e1b38654be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

cf-cache-status: HIT
etag: "89fe-62c867042db5e"
age: 2974173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtqVcjsAsG8CHAUNzdvPZlZwRFMKlo9QQcFdehsqxIwtjPIk99H720a9tEozv30SGLkee8bdQJTIQTj%2B17IQU%2FOquB6lpAgI5rJ1micYCBwz96Ft%2BuQx8D%2FMofFRyZzOjbupT4Ou9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 22 Apr 2026 19:04:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11363&min_rtt=10855&rtt_var=548&sent=46&recv=33&lost=0&retrans=0&sent_bytes=36278&recv_bytes=9442&delivery_rate=1476963&cwnd=20400&unsent_bytes=0&cid=1c7a913405039529&ts=1325&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: image/png
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb45decbf0d1-MEL
accept-ranges: bytes
content-length: 35326
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Gr3q_ecWwAIkMLL.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 392 KB
393 KB 321ms
315ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gr3q_ecWwAIkMLL.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb7de40e483836cc19cd29de65526ac6d2799f551cbb8d9605d28078e206977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPnVfgCONZ38CrrvEtjJKts4Eec%2BZk43tptWu7UfWHpAO%2Fljwff%2BHh3IpFiwmJ1wF%2FTe%2FpGuCOglEAIHZrP9bjNQEQcawQrcC%2BjtS6Gv7N1FcFB1d0ns29xdLtO%2FYyGKWoNBNTSzKXqSXu%2FinVoq"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Jun 2025 06:05:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13360&min_rtt=10855&rtt_var=2427&sent=424&recv=119&lost=0&retrans=0&sent_bytes=456278&recv_bytes=22928&delivery_rate=9410736&cwnd=153600&unsent_bytes=0&cid=1c7a913405039529&ts=1623&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Tue, 27 May 2025 06:05:10 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb45eeccf0d1-MEL
accept-ranges: bytes
content-length: 401483
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 53ms
21ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

3319f85d17eaaaca794ddb7172bdef744fbccf1f6853bccf3293f75837a52107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-md5: 9X1CdeBtTLvkNjNW6ViOAw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "d3144820632d082663a1b873591dca45"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:04:42 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 13:50:28 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: ed3cf62862e36847304cffc478c5647d
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4957, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: aCkK5fkFuSdRyXxo20TjEzYhPaQbwzhdCO63G0KJB07YiwSExhV1kqG/DHEmUUkweS+yLUGC9S9XtXNzVVZkjQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?1

GET
H3 200 Screenshot-2025-05-20-100428.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 81 KB
82 KB 308ms
303ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Screenshot-2025-05-20-100428.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2245126fe88be979d1fccede0c29d3dab91e363e9b684c4135a0864ddb7bfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c30EGoxkecwAmix4gFS8CCR9WatiVXldBWxYFrKAf078AePDMXkZiXWs8bUWR7xx0rrIh2u1YX8IZ3VfK32%2BbLe%2Fnv026u8anPxwdMA%2F4H7yGxEdCm4JsOO6LEniDBHaVILDtLV0Mc0M8iUbsJzD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Jun 2025 07:13:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12540&min_rtt=10855&rtt_var=1118&sent=579&recv=131&lost=0&retrans=0&sent_bytes=641293&recv_bytes=23463&delivery_rate=9410736&cwnd=153600&unsent_bytes=0&cid=1c7a913405039529&ts=1659&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Tue, 20 May 2025 07:13:10 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb463ecff0d1-MEL
accept-ranges: bytes
content-length: 83277
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 matatu-grafitti.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 226 KB
227 KB 315ms
313ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/matatu-grafitti.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b20790a8814f6c48dc11006259ce49e6a7a2fc7d4efb678ac246135394989b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WbfuJ08iEGCipQM0XAQEpNH0e5ST3X3TESSEPLqy9viYMDuQcsP88j2afZCPvoM9%2F47SJjg2cjQlrp8%2B5xzGTscuJEzTF2Nt79kLuOE7LFFauL77YhtcAGGh%2F6QSDGCti7A7aGpVVSRinU9pkl5l"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Jun 2025 09:25:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12741&min_rtt=10855&rtt_var=2202&sent=845&recv=171&lost=0&retrans=0&sent_bytes=953533&recv_bytes=25308&delivery_rate=11293832&cwnd=183600&unsent_bytes=0&cid=1c7a913405039529&ts=1735&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Tue, 27 May 2025 09:25:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb469ed0f0d1-MEL
accept-ranges: bytes
content-length: 231638
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Lempaa.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 57 KB
57 KB 27ms
21ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Lempaa.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bd1f7370fda2d955fbb9f84930d03e0adc4ca91a57359ac65ec61b75b367ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 1038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BsTOAAEqdo6UEQo8sE1KWrRz6%2Blb70qn%2BLwFLRpziGjczwBEceG9m5slLtY2KZCv7jpJaZBCpElgb7moX1rvIPZjbTpu%2BIh2Xwz93ydiyh37R4k4mYdko9P1yYCKOSr9XXucWi8d4UaQvv%2Faa7i"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Jun 2025 13:15:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14148&min_rtt=10855&rtt_var=2280&sent=130&recv=73&lost=0&retrans=0&sent_bytes=123693&recv_bytes=16370&delivery_rate=2279614&cwnd=64800&unsent_bytes=0&cid=1c7a913405039529&ts=1449&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: image/jpeg
last-modified: Tue, 27 May 2025 13:15:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46aed1f0d1-MEL
accept-ranges: bytes
content-length: 58102
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 World-Bank.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 71 KB
72 KB 316ms
310ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/World-Bank.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39846da715b8e6834b957d5c6aea4bd283da442b0e56e89b2db375e0b848312

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58E4mTgE6STlnqduQaZzFIHFeayGrW%2BTmpSNUvC0PVXm21EsDVNZaBHzs5Oi2CO7RqDnmjUs28WJDpabdjcNZ%2B1axgj%2FrMWqZWgSM66KG5wYVLzWTgdd9v6zNOuzA2I64mprVL3yr4lbmM%2FpTPnC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Jun 2025 11:29:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12741&min_rtt=10855&rtt_var=2202&sent=986&recv=171&lost=0&retrans=0&sent_bytes=1121777&recv_bytes=25308&delivery_rate=11293832&cwnd=183600&unsent_bytes=0&cid=1c7a913405039529&ts=1742&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Tue, 27 May 2025 11:29:25 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46aed4f0d1-MEL
accept-ranges: bytes
content-length: 72844
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Gp86t-cWkAAZiKC.jpeg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 292 KB
293 KB 325ms
321ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gp86t-cWkAAZiKC.jpeg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a4ed15c8ab1ecf4757d61dacf32acc5bf6bdb773d979e98581b0d6b050f8c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l92oGNa4MOCdQRuATpem4IH1qCmOIyShvnq2u9V47s2G2oyoQ3eYbu9Bf0D7oJJVt9QI%2FFY%2FRL45VYdtPfjRnzpfP3tZbYCfomDQzSO9e%2BT7FRfo0nwY02Ko0rdAmQBu45WWDo8GcN%2Fr1zWuvqNO"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 15 Jun 2025 18:54:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11939&min_rtt=10855&rtt_var=1097&sent=1110&recv=201&lost=0&retrans=0&sent_bytes=1266393&recv_bytes=26718&delivery_rate=17047725&cwnd=280800&unsent_bytes=0&cid=1c7a913405039529&ts=1777&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Thu, 08 May 2025 13:17:05 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46ded9f0d1-MEL
accept-ranges: bytes
content-length: 299445
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 chairpreson-1.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/06/ 111 KB
112 KB 685ms
682ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/06/chairpreson-1.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a8e8fb15366675dd6fb95ecd30559dd2daef918bf9249c7fbf2f28858159a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsc2oo8oir0zPziEf%2FOJD8BHQURESaOFflms9KC4qPvXq6Ylzf4%2F0LwLigxZJceCn5YboILavKi1%2F0yHGErffPs5zouMuMJTErY%2Boy3bvzCybyckbJnujxU77yqO%2Bzr%2BS49cQdwSUgeBra2L2EPy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 04 Jun 2025 06:55:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14481&min_rtt=10855&rtt_var=3661&sent=1495&recv=248&lost=9&retrans=9&sent_bytes=1712773&recv_bytes=31527&delivery_rate=13253545&cwnd=254519&unsent_bytes=0&cid=1c7a913405039529&ts=2143&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Tue, 04 Jun 2024 15:52:45 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46dedaf0d1-MEL
accept-ranges: bytes
content-length: 113727
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 974c8f31-9374-4b1a-abe1-557c7e0ed972.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 76 KB
77 KB 22ms
19ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/974c8f31-9374-4b1a-abe1-557c7e0ed972.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b0af6bc7027a520060d17b3dba0fe1b341c5366c863fe32c0db3d10a433da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
age: 35348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lP12SDk5EKQvMQ675ix0VJXsrO5nT8wKTQ%2BKkTjAs5Xfn1nb%2FSMY8OZjJ%2FDpaI2CKyuvsUepEuDJ3lDYZcf7UvOHly3ayK7TIz1BNKhkjwuCBx1VhruH6UPoVVdKt%2BsK252X6x8ZYm3EueZ5Tygx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 25 Jun 2025 17:11:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13600&min_rtt=10855&rtt_var=2080&sent=314&recv=100&lost=0&retrans=0&sent_bytes=332655&recv_bytes=20192&delivery_rate=8010847&cwnd=153600&unsent_bytes=0&cid=1c7a913405039529&ts=1482&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: image/jpeg
last-modified: Mon, 26 May 2025 17:11:09 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46dedbf0d1-MEL
accept-ranges: bytes
content-length: 78078
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Miano-and-Mbadi.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 118 KB
119 KB 328ms
324ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Miano-and-Mbadi.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0e5ba24caacfcf0ab379f7a8ce9b7912eb81c337aee8522b3256af9d167e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqwHnvySgUGDGiI9ZDzthCxvOL9e4xoQ4NwUo16NMW1SMlx5MQ6kisD%2FdpOzTCGVYaQC7ehMGNWKu%2Fa7poR1cCHnGnTB89bgegA%2FuvRWJxk1NA0pfiTr%2F%2BRizFXO2LP%2BhekjsZQbOIs3XiBLhu%2BZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Jun 2025 09:00:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11939&min_rtt=10855&rtt_var=1097&sent=1279&recv=201&lost=0&retrans=0&sent_bytes=1468321&recv_bytes=26718&delivery_rate=17047725&cwnd=280800&unsent_bytes=0&cid=1c7a913405039529&ts=1787&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: image/jpeg
last-modified: Tue, 27 May 2025 09:00:21 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46deddf0d1-MEL
accept-ranges: bytes
content-length: 121020
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 TSC-Macharia.jpg
publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/02/ 78 KB
79 KB 1283ms
1280ms Image
image/jpeg 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://publish.eastleighvoice.co.ke/mugera_lock/uploads/2024/02/TSC-Macharia.jpg

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb7e9a16bedab3f286cdc8a340140ce22737bfd0b0439b9afbeb63af07f9f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srCeVsHFBZcwqyRDKHj6rIggUuxYVO2ambRL864Hfd2UBWXCcCNeXhtGycOsoMQAG0c98C34xBZKgirOOIexrH0cDICA7KxnhVsuryK2W7myBc9jS%2BLCDXJyMO9ITrgGQg8XtEkWXHk9QA6jdG6g"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 16 Jun 2025 11:41:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12709&min_rtt=10855&rtt_var=1761&sent=1667&recv=275&lost=9&retrans=9&sent_bytes=1901475&recv_bytes=39318&delivery_rate=13253545&cwnd=254519&unsent_bytes=0&cid=1c7a913405039529&ts=2741&x=80"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: image/jpeg
last-modified: Wed, 07 Feb 2024 10:24:59 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46dedcf0d1-MEL
accept-ranges: bytes
content-length: 80056
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 android-chrome-512x512.png
eastleighvoice.co.ke/logo/ 69 KB
69 KB 37ms
34ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eastleighvoice.co.ke/logo/android-chrome-512x512.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e79535a24928a654e7afec5673fc1131770b3da730bd92a215f84d020834d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

cf-cache-status: HIT
etag: "112ac-62c867048693f"
age: 948180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVvyRkztvuIGqkofKt4dBm%2BbXC43vYHHpVQvf1T7H1ReJwid8GqE0Zgdi3sYoF5WJzeJIyYZefgrKP0JiRobKh88GmvsYxokmoug0dL6l8JCFEWzUUzcaZR5AMdyDEuxJxVpb3erIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 07:55:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14148&min_rtt=10855&rtt_var=2280&sent=184&recv=73&lost=0&retrans=0&sent_bytes=187325&recv_bytes=16370&delivery_rate=2279614&cwnd=64800&unsent_bytes=0&cid=1c7a913405039529&ts=1456&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: image/png
last-modified: Sat, 25 Jan 2025 11:49:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46aed6f0d1-MEL
accept-ranges: bytes
content-length: 70316
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 client Show response
accounts.google.com/gsi/ 230 KB
87 KB 414ms
196ms Script
application/javascript 172.253.118.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f84.1e100.net

Software

ESF /

Resource Hash

904cc7c4e1d9895d6f824b2590b62d0f24bb4440eae9ffdd3fc2ddfaf0ccee38

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FdhA-KGaNBJPWO7Ev1bHsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FdhA-KGaNBJPWO7Ev1bHsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Tue, 27 May 2025 13:50:29 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 email-decode.min.js Show response
eastleighvoice.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
16ms Script
application/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
etag: W/"682eb544-4d7"
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1jWipOdyb6Q5vkLZ5eY8%2BujJQmy1OTYJht2lOHeDdUPC0gZphPwJyxrtwDwDESO2pDhdoFAupygYVKki76HuLybfOnQ6HrjWwyEtuiXiHthd1oW9w3MQYGhBMQO4YQTbolUvzJ3fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 9465fb46aed2f0d1-MEL
expires: Thu, 29 May 2025 13:50:28 GMT
date: Tue, 27 May 2025 13:50:28 GMT
content-type: application/javascript
last-modified: Thu, 22 May 2025 05:25:24 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 jquery.min.js Show response
eastleighvoice.co.ke/assets/vendor/jquery/ 85 KB
30 KB 28ms
20ms Script
text/javascript 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/vendor/jquery/jquery.min.js?v=393

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "15283-62c867044237f-gzip"
age: 103963
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z0YrXd4Lo3BbjOnDasQCy9U%2FAuLNGrRv9GkrgJ6ZXQo2xvhUwP3suNusVExuKlcY21O31BqbHH25MqL%2FF4pKU9DZs7Amil2e13QarrRAA%2BWvxGSYsV%2Bqz0W%2FczcIvImkAF%2B3XaPSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 07:18:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14148&min_rtt=10855&rtt_var=2280&sent=181&recv=73&lost=0&retrans=0&sent_bytes=183844&recv_bytes=16370&delivery_rate=2279614&cwnd=64800&unsent_bytes=0&cid=1c7a913405039529&ts=1450&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/javascript
last-modified: Sat, 25 Jan 2025 11:49:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46aed3f0d1-MEL
accept-ranges: bytes
content-length: 30138
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 58ms
20ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb472ca4f0da-MEL
access-control-allow-origin: *
date: Tue, 27 May 2025 13:50:28 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/eastleighvoice/ 995 KB
279 KB 1888ms
1848ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7a29f9eb459b59fbc1e10490101b4cb15c707cd43726573b71fa37c3dc1ad4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "e67c274a9f4e90180f7ab952a19b23e6"
x-amz-version-id: _qAQOkDlrR0MioaaCAt62ZxIUQCrce31
age: 1
x-cache: MISS
date: Tue, 27 May 2025 13:50:30 GMT
last-modified: Tue, 27 May 2025 09:05:28 GMT
x-served-by: cache-mel11267-MEL
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: n4OToGugJRWNW6yY/4pBvD2uhfXaV1XTjBDpcZnP+GD20rdfBNyTVeNT9VDrMDNIx0X9fRksmOU=
x-amz-meta-x-tbl-source: kfc-purge-prod
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: private,max-age=14401
x-timer: S1748353829.049594,VS0,VE1833
via: 1.1 varnish
x-amz-request-id: WJC0VRHVPFPXPFBC
accept-ranges: bytes
access-control-allow-origin: *
abp: 74
content-length: 284901
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 quate.png
eastleighvoice.co.ke/assets/images/ 349 B
1 KB 19ms
19ms Image
image/png 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eastleighvoice.co.ke/assets/images/quate.png

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c9b3c957e28e867df94e9673792a2bcdc34892d62de6687c8f0a7e2d293381

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Response headers

cf-cache-status: HIT
etag: "15d-62c86704348be"
age: 103963
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rY1fRya7jG4GWoj%2FdlvdJCFSRXnhLNfPgAnhrkccpG9o4Z9QCAgU%2ByppFG8%2BpcFVIvu%2F%2BOt3x%2F4YOCaJI8CUYzHFge8SDYiX5n3chKFCgUyHJGmLNbmb3ER61zDtZXiKHTZ6Usw4yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 22 Apr 2026 20:10:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12926&min_rtt=10855&rtt_var=965&sent=313&recv=95&lost=0&retrans=0&sent_bytes=331531&recv_bytes=19959&delivery_rate=6532419&cwnd=153600&unsent_bytes=0&cid=1c7a913405039529&ts=1475&x=80"
date: Tue, 27 May 2025 13:50:28 GMT
content-type: image/png
last-modified: Sat, 25 Jan 2025 11:49:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb46ced8f0d1-MEL
accept-ranges: bytes
content-length: 349
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 29ms
21ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6599bdc3-13174"
age: 331853
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sxlpq%2BhLRVVt1LZR%2FWAOjoGcfccFff3auQqT0XwCc5a6Bgf8y2ZxiuStJ7gEs4j3FlRbcvu1UTKYyDikw3cwss3I8VjfXJTjfUN8agGfmwvVoya9okJ1pNbvCopj3rlrmgaDQ0CN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 13:50:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:53:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb476ae7ca17-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78196
server: cloudflare

GET
H3 200 Palatino.ttf
eastleighvoice.co.ke/assets/Font/ 98 KB
41 KB 38ms
33ms Font
font/ttf 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eastleighvoice.co.ke/assets/Font/Palatino.ttf

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa981f57b9f4f27cb54004da1c74bd5c3bd96e05c481a12e64c315ed9670f375

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/assets/css/theme.css?v=3cd98

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1871a-615a734fd4840"
age: 103963
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeqyMqX2aqc9kSBxdnpDdQZEWuOBFEQAVxbtmNdHNyZ8lfkIZsOoF0pHgRZb4vNHmPXZlSTG2jplwmpkue2kcLOXfYD3YSWa1I14hNU3AgkP5b2yc%2F9HQlaXlgA8HthHxxrsNxqRDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 08:15:22 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11839&min_rtt=10855&rtt_var=656&sent=384&recv=114&lost=0&retrans=0&sent_bytes=413344&recv_bytes=21750&delivery_rate=9410736&cwnd=153600&unsent_bytes=0&cid=1c7a913405039529&ts=1579&x=80"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: font/ttf
last-modified: Tue, 09 Apr 2024 10:15:53 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 9465fb476ee2f0d1-MEL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
76 KB 63ms
58ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6599bdbd-12bdc"
age: 330561
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lM6vHQmseQMnVJgbn%2F8ksEwGZ%2FVkzbw%2BrtGY%2BEg7Mrjjbkdp4npmf5uBtyw0JOArgIsDTiMK1wH0bmkDD4Kw5viEteoH7Hu%2BOljf3QHLyVU9mWircMGsjdnIKrToY7iYS6hpO31k"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 13:50:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:53:17 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb476aeeca17-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76764
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
0 138ms
138ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

a5cef51b0855023a92c51e16bf26a6231b26ffdbcab6f335aa1e38cd0d6c1597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 978 / 20235 / m202505200101 / config-hash: 4677953494289217151
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34653
x-xss-protection: 0
server: cafe

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 249 KB
74 KB 24ms
23ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ec044e5f6fe0933791cc9a6d2fd5d77e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

757c960ca00a6ebe5f70a01f16f6d007b7afa89ed9799e38eb1831ab4e561ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-md5: n0OkKVgEn6QpD1JMP1H7Ww==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "2f446404ef95f0d92d99be9e1383c4ef"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 13:24:06 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: adb49c84df417926607cb80243f1899c
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=27, mss=1232, tbw=9333, tp=16, tpl=0, uplat=0, ullat=-1
x-fb-debug: 6dJMNhpW65tm200oOAc7kbgcWyxZaIxyREgogyOWgRTh0fK54QxheXTuD3z8fts4Fw/49xDw9bPv86UYsbm+6g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75307
origin-agent-cluster: ?1

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 394 B
268 B 293ms
144ms Script
text/javascript 64.233.188.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=eastleighvoice.co.ke&client=partner-pub-7701068765942733&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.188.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f154.1e100.net

Software

cafe /

Resource Hash

664682042f383881d05f56b719bb323c90f319a59a822a57a5ea2abfbc1fb99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 247
date: Tue, 27 May 2025 13:50:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 iframe.html Show response
syndicatedsearch.goog/afs/ads/i/ Frame E81E 2 KB
1 KB 557ms
262ms Document
text/html 64.233.189.113
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f113.1e100.net

Software

sffe /

Resource Hash

9c4167c9c6ace3be6d46037c808bb0062ddb1be2b293513b52f0d733facfbc9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-Nk-BR5m-3381I6ZLsexolw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 728
content-security-policy: script-src 'nonce-Nk-BR5m-3381I6ZLsexolw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 17 Sep 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
syndicatedsearch.goog/afs/ads/i/ Frame 9887 2 KB
83 B 811ms
251ms Document
text/html 64.233.189.113
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.189.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f113.1e100.net

Software

sffe /

Resource Hash

9c4167c9c6ace3be6d46037c808bb0062ddb1be2b293513b52f0d733facfbc9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-Nk-BR5m-3381I6ZLsexolw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-length: 728
content-security-policy: script-src 'nonce-Nk-BR5m-3381I6ZLsexolw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:30 GMT
expires: Tue, 27 May 2025 13:50:30 GMT
last-modified: Tue, 17 Sep 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 539 KB
170 KB 25ms
24ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 8367355567805738573
age: 21867
x-content-type-options: nosniff
expires: Wed, 27 May 2026 07:46:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 07:46:02 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/ 461 KB
155 KB 139ms
136ms Script
text/javascript 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js?bust=31092611

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7701068765942733

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 17257031994529967950
age: 12671
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 10:19:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 10:19:18 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 158476
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/ 63 KB
23 KB 23ms
22ms Other
text/plain 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 10260624382802495031
age: 18165
x-content-type-options: nosniff
expires: Tue, 03 Jun 2025 08:47:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 08:47:44 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23619
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505220101"

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame E6D8 102 KB
28 KB 167ms
26ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:06:09 GMT
expires: Tue, 27 May 2025 13:56:09 GMT
last-modified: Mon, 19 May 2025 19:44:47 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 382 B
627 B 25ms
22ms Script
application/javascript 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9ae1fa0d1fc51ee0ad3feb565083bee200289c71bb346020f9b3d80cf73636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"17e-goBKDsAq4SrgyL37A4bNh/aMb7I"
age: 29798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jw15wp%2FFuHyC1OxWvD1Fl3TxE7qohLK3w3g9f5BmCbigFKQQhICY1a%2BPaAlGb8GsC%2BMTN0M4u3gjl4RvJqlqhvy5brQPsbRR5wojT1nMmnqg3kMwQBpLKASLpbJ6KyMxI8s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230168-FRA, cache-lga21981-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9465fb4aa8b398cb-MEL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 237
server: cloudflare
x-jsd-version: master

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 513ms
241ms Script
text/javascript 182.161.73.173
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.173 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"67ece34f-a612"
cross-origin-resource-policy: cross-origin
expires: Wed, 28 May 2025 13:50:29 GMT
access-control-allow-origin: *
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript
last-modified: Wed, 02 Apr 2025 07:12:15 GMT
server: nginx

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 66ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 299188
x-goog-stored-content-encoding: gzip
expires: Sun, 24 May 2026 02:44:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Sat, 24 May 2025 02:44:01 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AAO2VwrOJG98WrFOtalXxS98WwwSrSt5r_zbkeiopuGYyq4zUiwhZqbMSen4hLrqNypTBTYTFZOq0YU
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 60ms
19ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"678fc4ec-4599"
age: 347580
cf-ray: 9465fb4aebedf0da-MEL
expires: Fri, 30 May 2025 13:50:29 GMT
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/javascript
last-modified: Tue, 21 Jan 2025 16:01:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 117ms
48ms Script
text/javascript 108.158.20.65
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-65.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 69021
via: 1.1 ed90dc86686a84dd5c3571951738e746.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PbIovxZoCzlvBmMS7WiL-wBy88tvDQ1tWTXKmvudxQdTd4vpNVZYwA==
date: Mon, 26 May 2025 18:40:09 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 3 KB
3 KB 367ms
325ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: 861bdaf24bda5c0db45c6ebe1c94a9eb
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2729
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 05 Feb 2025 14:45:21 GMT
server: Google Frontend
x-cloud-trace-context: 0a6da0843c3adc95ff0b9c23fc3767dd

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 268ms
43ms Script
application/javascript 108.158.32.47
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-47.syd3.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: "faa388a163b1b6d0377ee77a861591e5"
age: 3292
x-cache: Hit from cloudfront
x-amz-cf-id: 02MoaTYDrpRJI-cLcQ0LeR4CBedDz5iuhC9VvRaAgzqDpK0o255zBQ==
date: Tue, 27 May 2025 12:55:38 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 18:18:45 GMT
x-amz-expiration: expiry-date="Mon, 23 Apr 2029 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
content-security-policy: default-src 'self'
cache-control: max-age=3600
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8729
x-amz-cf-pop: SYD3-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 106 KB
31 KB 75ms
27ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1eaab8c8682f4c3cea300b40aa92a09eefb78c126d2b73299cb92dd95c533c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-amz-id-2: 3aKPlhc9+vuqPXp7se/jEpmAh0Mn+224Sy/b5o5XJR9+lhgt4z6UzLZyG8DyQACxFBSmDC8Gvj0=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"065ae1c35c8d315731ab9d3a0825dbe2"
age: 2263
x-amz-request-id: KWEXQG2KRVRVGSM5
cf-ray: 9465fb4afd714ff3-MEL
date: Tue, 27 May 2025 13:50:29 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 02 May 2025 06:44:22 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 454ms
190ms Script
text/javascript 13.33.91.181
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.91.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-91-181.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-amz-version-id: suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag: "e264379414c85b18fe5fb338ed4823f8"
Age: 50758
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 0LejwItV-54Dc8QActMArvFhc5993BjyaGUDMmj3f-x0_ySKDz20WA==
Date: Mon, 26 May 2025 23:44:32 GMT
Content-Type: text/javascript
Last-Modified: Wed, 11 Dec 2024 19:25:11 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Via: 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 3117
X-Amz-Cf-Pop: SIN2-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
12 KB 578ms
572ms Fetch
text/plain 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=8177430155033987&correlator=4345847724480340&eid=31092113%2C31092625%2C95353385%2C95361094%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199029867%2Cleader_board_responsive%2Cev_in_article%2Cout_of_page_1x1%2Cev_billboard_all_pages&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C1x1%2C728x90%7C300x250&ifi=2&didk=3748836145~1724456618~2277417631~2962633546&dids=div-gpt-ad-1738677082135-0~div-gpt-ad-1738758887412-0~div-gpt-ad-1740060230706-0~div-gpt-ad-1747682240556-0&adfs=~3257371666~2323068584~2657425195&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1748353829543&lmt=1748353829&adxs=-9%2C245%2C0%2C436&adys=-9%2C2176%2C11005%2C70&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=0x-1%7C729x2136%7C1600x11005%7C1600x90&msz=0x-1%7C729x10%7C1600x0%7C728x90&fws=2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748353828530&idt=941&adks=1559625477%2C1399057667%2C1401498077%2C3025464984&frm=20&eoidce=1&td=1&egid=19731&tan=15753fd1-436b-45cb-9250-3c9b9b2cba1a%2C15753fd1-436b-45cb-9250-3c9b9b2cba1b%2C15753fd1-436b-45cb-9250-3c9b9b2cba1c%2C15753fd1-436b-45cb-9250-3c9b9b2cba1d&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

4714624e93c2adbbede55e80806f51f61ec0853fe89a9920a33f4a53201ed6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: dcb
google-lineitem-id: -2,6912048465,-2,6995832177
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2,138506505410,-2,138518318305
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 12409
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
10 KB 555ms
550ms Fetch
text/plain 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=8177430155033987&correlator=4345847724480340&hxva=1&scor=1499840412&eid=31092113%2C31092625%2C95353385%2C95361094%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199029867%2CAnchor_Advert&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&didk=280320948&dids=gpt_unit_%2F23199029867%2FAnchor_A&sfv=1-0-45&fas=1&sc=1&cookie_enabled=1&abxe=1&dt=1748353829563&lmt=1748353829&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748353828530&idt=941&adks=2962879711&frm=20&eoidce=1&td=1&egid=19731&tan=15753fd1-436b-45cb-9250-3c9b9b2cba1e&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

00befdce8dec05ad2c2055c4bf16a98962ab33af5c1fab45f47644dd6dc8f4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: dcb
google-lineitem-id: 6998360110
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138517573035
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 10333
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 48B5 7 KB
3 KB 264ms
127ms Document
text/html 172.217.167.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:29 GMT
expires: Tue, 27 May 2025 13:50:29 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 55 KB
18 KB 125ms
124ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

1bf1f03b1032c3915a6690cd36b0ba29edd8feefd6169c3b6bf2f24a9fdef64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5677221328009611342
age: 24117
x-content-type-options: nosniff
expires: Wed, 27 May 2026 07:08:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 07:08:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 18525
x-xss-protection: 0
server: cafe

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 110ms
109ms Stylesheet
text/css 172.253.118.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f84.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hsqmCmjiAIk3wWEEfA1auw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-hsqmCmjiAIk3wWEEfA1auw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Tue, 27 May 2025 13:50:29 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 button
accounts.google.com/gsi/ Frame B25C 0
0 455ms
259ms Document
text/html 172.253.118.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=signin_with&shape=rectangular&logo_alignment=left&is_fedcm_supported=true&client_id=481326698458-mcrfe6h7clrbbko95p9btt573bii4feq.apps.googleusercontent.com&iframe_id=gsi_829628_567597&cas=w%2BlzYNAdQrjMPw3hBUYmUBut3IDdcESgp7mAWE5HYvk

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f84.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-zAGs2zCtZ0QbmKGLhMffFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-zAGs2zCtZ0QbmKGLhMffFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Tue, 27 May 2025 13:50:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&rid=esp&cc=1

85 B
193 B

202ms
201ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&rid=esp&cc=1
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 68adff3764fabc7d1f20f851f6de1bffa03486e21eefd37402f118ffb2fefe48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: W/"55-3K5MEzJGt3uwFx1Jvti0k2RHEFk"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://eastleighvoice.co.ke
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Tue, 27 May 2025 13:50:30 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://eastleighvoice.co.ke
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 27 May 2025 13:50:29 GMT
x-powered-by: Express
vary: Origin

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748353828887&_gaz=1&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~10313049...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=5613109224412928230&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9...

0
0

371ms
220ms

Fetch
text/plain

142.250.76.110
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=5613109224412928230&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: 142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s24-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgnc:90:0
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=5613109224412928230&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
551 B 433ms
146ms Ping
text/plain 64.233.189.157
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-24W9KHS0ZW&cid=1012548187.1748353830&gtm=45je55l1v9167994531za200&aip=1&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&frm=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.189.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to: {"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eastleighvoice.co.ke
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:124:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 122ms
122ms Fetch
text/plain 142.250.204.4
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?tid=AW-1005654510&en=page_view&dr=news.google.com&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&scrsrc=www.googletagmanager.com&frm=0&rnd=1233035680.1748353830&dt=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&auid=1616749791.1748353830&navt=n&npa=0&gtm=45je55l1v9167994531za200&gcs=G1--&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&tft=1748353829753&tfd=2313&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/ 5 KB
2 KB 282ms
134ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/?random=1748353829746&cv=11&fst=1748353829746&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

7544553df62af8e45e908f5ae7a7690d4ede85b56854d4c9cb86d4e192fa94ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1994
date: Tue, 27 May 2025 13:50:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1005654510 Show response
td.doubleclick.net/td/rul/ Frame 171E 13 B
523 B 297ms
143ms Document
text/html 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/1005654510?random=1748353829746&cv=11&fst=1748353829746&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748353828887&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~10320...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=3448588972077445381&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9...

0
0

270ms
120ms

Fetch
text/plain

142.250.76.110
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=3448588972077445381&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: 142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s24-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgnc:90:0
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1012548187.1748353830&dbk=3448588972077445381&dma=0&en=page_view&gcs=G1--&gtm=45je55l1v9167994531za200&npa=0&tid=G-24W9KHS0ZW&dl=https%3A%2F%2Feastleighvoice.co.ke%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/ 5 KB
2 KB 274ms
139ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005654510/?random=1748353829777&cv=11&fst=1748353829777&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DMaureen%20Kinyanjui&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

6080f86a2ec53b00f50cbfadc95448c225f5d4e8b1d9e13444fa9a8e833b0193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2014
date: Tue, 27 May 2025 13:50:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1005654510 Show response
td.doubleclick.net/td/rul/ Frame 8174 13 B
176 B 295ms
153ms Document
text/html 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/1005654510?random=1748353829777&cv=11&fst=1748353829777&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DMaureen%20Kinyanjui

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 304ms
169ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-24W9KHS0ZW&cid=1012548187.1748353830&gtm=45je55l1v9167994531za200&aip=1&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&frm=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&z=1497144906

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 1005654510
google.com/ccm/form-data/ 0
20 B 284ms
138ms Ping
text/plain 74.125.203.101
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://google.com/ccm/form-data/1005654510?gtm=45je55l1pfv9167994531za200&gcs=G1--&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&npa=0&frm=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.203.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: th-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:67:0
report-to: {"group":"ascnsrsgac:67:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:67:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eastleighvoice.co.ke
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:67:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
236 B 1161ms
568ms XHR
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://eastleighvoice.co.ke
date: Tue, 27 May 2025 13:50:30 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/55j0/ Frame 362A 3 KB
2 KB 288ms
134ms Document
text/html 142.250.76.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Feastleighvoice.co.ke

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:30 GMT
expires: Wed, 27 May 2026 13:50:30 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
653 B 443ms
235ms XHR
application/json 54.179.82.148
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.82.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-82-148.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 87f638e5a186f759201425a733dd4a8fca0ced6f7c1e7cdabdc8413a2d0530fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://eastleighvoice.co.ke
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Tue, 27 May 2025 13:50:30 GMT
content-type: application/json;charset=utf-8

GET
H2 400 fed Show response
ups.analytics.yahoo.com/ups/58813/ 0
394 B 193ms
125ms XHR
application/json 183.177.68.211
YAHOO-1

General

Check archive.org

Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.177.68.211 , Hong Kong, ASN10310 (YAHOO-1, US),

Reverse DNS

e2-ha.ycpi.aue.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=31536000
age: 2
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Tue, 27 May 2025 13:50:29 GMT
content-type: application/json
vary: Origin
server: ATS

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame E2AC 8 KB
4 KB 144ms
26ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js?bust=31092611

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 59136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 21:24:54 GMT
etag: 7658452531946828944
expires: Mon, 09 Jun 2025 21:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8EC6 41 KB
2 KB 376ms
262ms Document
text/html 142.250.67.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701068765942733&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748353829&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A192%2C2%3A192%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.07881135168149486&aiapmi=0.16&aiact=0.7202448128909672&aicct=0.7&ailct=0.6476539709848911&aimart=7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748353829393&bpp=23&bdt=863&idt=486&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=413467138627&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092201%2C31092619%2C95353386%2C95360610%2C31092611%2C95361622%2C95359265%2C95360957%2C95360294&oid=2&pvsid=8177430155033987&tmod=948951005&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fnews.google.com%2F&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=521

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js?bust=31092611

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e5d6272b39ba6ac3d0ad3eb9a7d81b1bba4aa88bec6e58b6aafc20b8019968e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eastleighvoice.co.ke/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1770
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:30 GMT
expires: Tue, 27 May 2025 13:50:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FF10 16 KB
6 KB 1037ms
518ms Document
text/html 74.119.117.17
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e85f2ae34f4130d556d41515cf2f10770c2eec8fe152dea36e8bba1a3ceb9896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 13:50:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 257094
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 /
www.google.com/pagead/1p-user-list/1005654510/ 42 B
64 B 171ms
163ms Image
image/gif 142.250.204.4
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005654510/?random=1748353829746&cv=11&fst=1748350800000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzak4hcj_fuAAgaAhxobPUyonBBnxpOw&random=1438632876&rmt_tld=0&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1005654510/ 42 B
64 B 177ms
168ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1005654510/?random=1748353829746&cv=11&fst=1748350800000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzak4hcj_fuAAgaAhxobPUyonBBnxpOw&random=1438632876&rmt_tld=1&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/1005654510/ 42 B
64 B 173ms
165ms Image
image/gif 142.250.204.4
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005654510/?random=1748353829777&cv=11&fst=1748350800000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DMaureen%20Kinyanjui&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzefEREra7wLxYAluSLbSHOWfRKKlw5g&random=3944826191&rmt_tld=0&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1005654510/ 42 B
64 B 170ms
162ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1005654510/?random=1748353829777&cv=11&fst=1748350800000&bg=ffffff&guid=ON&async=1&gtm=45je55l1v9167994531za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&npa=0&pscdl=noapi&auid=1616749791.1748353830&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bauthor%3DMaureen%20Kinyanjui&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzefEREra7wLxYAluSLbSHOWfRKKlw5g&random=3944826191&rmt_tld=1&ipr=y

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35AB 0
0 165ms
164ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5hqLmZN_1HVE21R-DXfG2Wg3U60uvBSxVehxd0ON6qUjK-lNLuVq3h3iWQ4Ihz53MiQMrXbnfiCTu8zxHUs1TqoqFQmK4B36R_zTCaed88FH0XsbBx4L0ZJyJIaGPoR1KZqR3RP9jp4a21KUVPViMX-TcjTA7HIh_r9txDJHsNdwGIq_I32ss7VsE-nTzFs8TUN2gupSP57wyMPwS2X6lWwHkYuiQtb9deFfpDJxkR7Br0NKr2Q_s6kDldVK9qqMM8O8b8lGwhkDMjy_a_S82SmhMSNx62YG4B1eY1jWzNmhLLjqMznXN1gjYc7On6TrBp9FgAw8dgUKMskclOw3YlfXta7y1d5sNQCOI4pehmnODyCaUQLg6xeK3nEn3u3Ik-lrdiKwpWfieVfYRvPZQ0AYi8l0&sai=AMfl-YQnNEiwStSYtMqHgQiHYwBPPNi1RgTT6y2cEpPGH2zZs6caCLhpFXBmbF0zhxvff3hr_F4q5giUhHx_fRncORJXPqpai9lWYDgsBqAtqBSEep2gVT6yb3Se9vPZjJnFCFcPJgWmMYzGkB3OvTc2Fg&sig=Cg0ArKJSzIhxMrJz-OYaEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/ Frame 35AB 21 KB
9 KB 190ms
33ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 79296
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 15:48:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 15:48:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 35AB 3 KB
1 KB 196ms
40ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 24517
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 07:01:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 07:01:53 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 35AB 221 KB
68 KB 141ms
140ms Script
text/javascript 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 81102085050987160
age: 1121
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:31:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 13:31:49 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 9263373077384741594
tpc.googlesyndication.com/simgad/ Frame 35AB 8 KB
8 KB 200ms
44ms Image
image/jpeg 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9263373077384741594

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

c3cfcb9c36740ffabea8d5e6d4deb3c040834b0b4f4a48d5d91bde7e792039cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

age: 10632
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 10:53:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 27 May 2025 10:53:18 GMT
last-modified: Thu, 15 May 2025 15:11:16 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 8130
x-xss-protection: 0
server: sffe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 808 B
428 B 187ms
187ms Fetch
text/plain 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=8177430155033987&correlator=4345847724480340&hxva=1&scor=1499840412&eid=31092113%2C31092625%2C95353385%2C95361094%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23199029867%2CEV_728_90_leaderboads&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&didk=1099070016&dids=gpt_unit_%2F23199029867%2FEV_728_9&sfv=1-0-45&ists=1&fas=8&fsapi=1&sc=1&cookie=ID%3Da04fc3d1c82a04b7%3AT%3D1748353829%3ART%3D1748353829%3AS%3DALNI_MaylWTOA0FTKsx5u-s_IJIfnm6Lbw&gpic=UID%3D000010f4dff16ad3%3AT%3D1748353829%3ART%3D1748353829%3AS%3DALNI_MZ-pd4QGUDi6hIRZ8Zj09rdE_el9g&abxe=1&dt=1748353830163&lmt=1748353830&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsl0ZuGpkxhs5JpJeyyORK2V0vf9ALcBn1rRRE50molMrsiUygGpsK3pPKv5de98bnZI3Gu50MXYNWGwM_P6rW31DBBM6nsQO2Y&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748353828530&idt=941&adks=2216976390&frm=20&is_cau=1&no_cau_info=1&eo_id_str=ID%3D6e41ad2d152eb689%3AT%3D1748353829%3ART%3D1748353829%3AS%3DAA-AfjaSs9ya_BlEczAZCziejCq0&td=1&egid=19731&tan=15753fd1-436b-45cb-9250-3c9b9b2cba1f&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

b4d1ff1946ecb45d411e389e00db23400d9b88e7599dc896683bdca1ef9beadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: dcb
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 397
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 35AB 217 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed047c222a6fd81a15a8c6a7346d2978743f9582303805d6794f3e1aecad0e89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA89 0
0 169ms
165ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaKXH93fgpG8iOccDmZSAhSTYoEc2Cr3BdX_yMZHOMh-I9O5Cgk8SR6qAzzniEs2xDQJSPF0hBYzHqtnMFIWT1MWC4PC_tUwWkfdmsnY934TlZBNiNAaGEEQ8rgvLqbWgjZa3Tem81Uz-sNKN3xqH1_vSHoB60PEot4KZH-tCD-Xm1vSxnh5ermHtc_gNJ5b9kVpN4r2O9rvNGpCBK337-cuJ-SihiF-tNjSWsSIpCNtRfAnr2Ukc6bZfB9Rz6XjvVvDAt_Id_sLq8UqtiPyfzmzFbzxaTT_D96aXG9Le-KxGa-GSDWDz2A8VnWjERXSwfHw88ITzPmVlGWDXevkVGCrcH9Q0gQPISibwg_DG9n-AfjAPomtAnyWB4w5CO0TbILmLF46bBOtJIl8adORHRT7FJsIUacE6_UQqW0MGAqum5weqXBb6b8VEEkCc&sai=AMfl-YTkXz-q5BDUinVKFcUD0tYwkdZumJmJCxGA8TEv-irdET7pEOLLVQnCmkHklzpmApT8dG6gbgG0HRB9weHNcKHf5TzCeTzMALaNVkKpZADPtw-SrxOMh0WGiAUoZrbx-czM2Fd9_3bpiIbenWMI&sig=Cg0ArKJSzCpr_WXx3BpJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 loader2.js Show response
scripts.yehtu.com/scripts3/ Frame AA89 178 KB
56 KB 1351ms
326ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/loader2.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 23d2e77961e64829183d726e3ceb51d27e07f8da186d58bc72dbe3c629dc5022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235559-2c70c"
age: 36
traceparent: 00-0b7b61ba7af7d15bb1e85b1604c2cce9-acef39485ed48ea8-01
expires: Thu, 31 Oct 2024 10:16:37 GMT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
last-modified: Thu, 31 Oct 2024 10:00:57 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=600
x-id: sv5-hw-edge-gc25
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-cached-since: 2025-05-27T13:49:55+00:00
server: nginx

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AA89 221 KB
0 86ms
86ms Script
text/javascript 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 81102085050987160
age: 1121
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:31:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 13:31:49 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA89 0
29 B 326ms
161ms Image
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4486 0
0 168ms
167ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv35htgPN8tjKNKrB8s0ZxI_chOskvUgNGPxjHE_-PEdRE1gA2cyS5nZG86u3ayjXEzt7W7Jp2x_qr799jT-ci9R_VMTenG1F8ESBkRlS7CftN2CSsnGdTXqAEw3RcsbWr7GSsvuI-2TY2CHb6EdQMrhJ6zB_nTmrhVgWGKSqgelevrdGkXxURBjIsLv2M-SxgA-6_EIRK7UzPXRRE4Cab1DoxWAEYppP4JFQFLki6r3DffYbCWrharQoHWSfsOZOfgxY7G1wWNUs29LJfu_ueK5SVvVGp8bQGR8tkRtlpNuR0rXzvB2-wpejBcKZIROMOVfvkQqMIvtOEr-TjI5wECGaNsxLyFKN3zFH0Khwf1Lw_Cm_nyEnC8CCSdQvW3EbOFGV9hOmDnOsTNUHsCnDdC5WjDRKP52V4UY3DZo3Zqzemx7KpiDyAEL0jeDtkDhX_kA&sai=AMfl-YQu-0uuL6BbXxaLgRcArMuQJHcwl64FjKPkWNqQ7liVIahU2SFMc9yNfl9Xz8neTEXbRQ69Qbwv6C8I_D1m7jq3Ifuik3CMmmWsBrC9rPxJfbPk-mnkC_oZNstbBtERnXXW9uGVdYG7c88QUInS&sig=Cg0ArKJSzLxuxiwi8hShEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/ Frame 4486 21 KB
0 127ms
127ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 79296
x-content-type-options: nosniff
expires: Mon, 09 Jun 2025 15:48:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 26 May 2025 15:48:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 4486 3 KB
0 136ms
136ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 24517
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 07:01:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 07:01:53 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4486 221 KB
0 81ms
81ms Script
text/javascript 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 81102085050987160
age: 1121
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:31:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 13:31:49 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 185454461455390032
tpc.googlesyndication.com/simgad/ Frame 4486 7 KB
7 KB 133ms
41ms Image
image/jpeg 142.251.221.65
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/185454461455390032

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

d89cc44b81086ac7b43f927d4e3da89c6acffc1921e3e116215f0f0af1274776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

age: 10632
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 10:53:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 27 May 2025 10:53:18 GMT
last-modified: Mon, 19 May 2025 19:14:27 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 7165
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 4486 210 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb1f80a87c1c1aa2321a9f65d1a9c9733f99eb3419cba62b85a545f8286eb650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame C776 615 B
1001 B 138ms
105ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 85b9500541dd5426ebcb25cf8c53527592f12001605deb00005f4049b0edb645

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 615
content-type: text/html
date: Tue, 27 May 2025 13:50:29 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 103.108.229.253

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35AB 0
0 145ms
144ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35AB 0
0 151ms
151ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA89 0
0 247ms
144ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA89 0
0 260ms
143ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4486 0
0 376ms
148ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4486 0
0 382ms
143ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4486 0
0 163ms
163ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhmh41YzxSO_dEr5DM8-GGBZtKD-myJCtQNRUZP1GZkjXJ-ncqdOw16mU0KD3oFl4vSMEIxL2PqznpCuBT6xeE9FN8yB479sJB-Anj-pptuIWLhCHOW5X-ZDrxNrhm0ufBpI3IgZ8Dg4nftcWlIdrFtNgu2Qg_PBKfcX_3TSIshTFfgG_vzptOLx8DMEz9Y0NhG4bjCNAWbFQdoQhlbxhwwu52ScudqJnwlzaGxaIhEMdSwnavMgalbDUms8YNS-L-FngnVxq1lrU30j-MsT2F1ZKdUao-yNjtYEN0PPIK7XWUdAZzL_z45EzsRuWzZeau4UWC_e29Ylxz8NB0zswvaavZ8COnR4px4RESn1wCg5dftMMxkhHG0Oyj80TcGuQxbd9kKYgkRx5TGVTi07rjRzXl_6PemVwlLTvy9jKVVKDH2zxylkk_-diknblVn6VS1ocu&sai=AMfl-YSn3TfCSQx6pNbpqEp57-w5lwwgmDKKK594LsS2UrkJ6z6ZXAVu8lYmmmzK_H58IslhmuQm1N7TMTOE3KM-6TFhhmStQv48lxi_kRVTJis8ugHxs96d9waSkrtPekb0dU4q4b7cQmGXxk1AbYq9&sig=Cg0ArKJSzGad4qBw3z7XEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame AA89 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f93cf3cbac70e0dc8366cff8480834f063743614e06949e8700335cae01425f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 ca-pub-7701068765942733 Show response
fundingchoicesmessages.google.com/i/ 201 KB
65 KB 327ms
174ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7701068765942733?href=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js?bust=31092611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

f0c845873bf9ffdbf537568bedd864ac7fc524260c682c88221ebcfe13e3edd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J62dveZENhbiaI1OvcbCfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:30 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BiaL15jnUyEBsqXGK1B-L76y6xPgfiD_WXWX8AcZHEFdYGIP5UdYNVoPoGaxL7TdYCIA51vMkaC8JpN1lTgXjNxlusm4G4Sfs2axcQm_ndZrUDYiEejmVt1w-yCVxY-P4Ck5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgamRgZ6BQXyBAQDN_z_Q"
content-security-policy: script-src 'report-sample' 'nonce-J62dveZENhbiaI1OvcbCfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35AB 0
0 145ms
144ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C776
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMn2gAbtt8cn9VgUYx_2moc&google_cver=1

43 B
97 B

98ms
98ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMn2gAbtt8cn9VgUYx_2moc&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.229.253
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: image/gif
vary: Accept

Redirect headers

cache-control: no-cache, must-revalidate
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMn2gAbtt8cn9VgUYx_2moc&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 295
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C776 170 B
243 B 334ms
179ms Image
image/png 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjY5MDAzZDgtMTgzNi0yZDNkLWU3MDctMzM0MDhlNmViNTNk

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame C776
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATGYZYZnnpWkks8AKGevVqWQPc8AAAGXEgJPgQ

43 B
97 B

139ms
121ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATGYZYZnnpWkks8AKGevVqWQPc8AAAGXEgJPgQ
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.229.253
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: image/gif
vary: Accept

Redirect headers

cache-control: no-cache
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATGYZYZnnpWkks8AKGevVqWQPc8AAAGXEgJPgQ
pragma: no-cache
via: 1.1 00625c2aa02f6876cd9570486ac98924.cloudfront.net (CloudFront)
expires: -1
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: lsteghPO2tFxoWMiyVHAEjsJJaJb3QsPqc_JaiUQKLGgQHPq3RLtVg==
date: Tue, 27 May 2025 13:50:30 GMT
x-amz-cf-pop: SYD3-P2

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame C776
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDXDJ8Co8XwAABhLv.IAAAAA

43 B
97 B

98ms
98ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDXDJ8Co8XwAABhLv.IAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.229.253
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/gif
vary: Accept

Redirect headers

Cache-Control: private
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aDXDJ8Co8XwAABhLv.IAAAAA
X-SO-LB-Hostname: m-tgng24.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.108.229.253","key":"aDXDJ8Co8XwAABhLv.IAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1072"}
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad1072
X-SO-HostName: m-ad1072.dc4p.scaleout.jp
Connection: keep-alive
X-SO-IP: 103.108.229.253
X-SO-Key: aDXDJ8Co8XwAABhLv.IAAAAA
Content-Length: 0
P3P: CP="See also http://www.scaleout.jp/privacy/"
Date: Tue, 27 May 2025 13:50:31 GMT
X-SO-Ads-Time: 1
Server: nginx

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C776
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afb0a195-1f05-4a1e-8f8b-8da9c0b67fe7&ttd_puid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0&gdpr_consent=

43 B
240 B

109ms
102ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=afb0a195-1f05-4a1e-8f8b-8da9c0b67fe7&ttd_puid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://google-bidout-d.openx.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 103.108.229.253
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 27 May 2025 13:50:30 GMT
content-type: image/gif
vary: Accept

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=afb0a195-1f05-4a1e-8f8b-8da9c0b67fe7&ttd_puid=daffd012-d141-7399-f2e7-69f9448c7b5d&gdpr=0&gdpr_consent=
content-length: 335
date: Tue, 27 May 2025 13:50:30 GMT
server: Kestrel

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35AB 0
0 161ms
161ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuccCllGGAbWWeYFL9-oUCyIRwvZM5xLGlQXuBPDQJZ5jWFnqZv41bY--d51USoolEIovTwuPlEziwiu-9PDAJYUMxZ7v3R8ZuAR5lxQWi-X6r-Xs1PC4oxBl8Dh_0sgjecMNE-E0Fweir-UXBFd8sgvhjNSK_JmLXxkdHk-gJTWcXUtuZd9v6Eq_0f7vj3z_U8tjyxS1Qv2Xgn3ge6QV_gQJ6KD-ezS4kGJHpW1zp6DO5xRueoruIG1kdbMRqaCnamtr53O5pxzudAzY2R7vhF91BAZVCjj6coJjKbkLUEiaxhoBJdm9Uxg-0xS8o4fUH9KDutUdakctJcL_m--4_aPP00-J6leEDBTvotb68CNK8TVk7qXrRVTQM8XINM_klFUCzKWzI0Nnrw4f7AFIK6dFu4y1LR_w&sai=AMfl-YR7SXi92KQd-lMTxJPGX-dh7jVBYSIUDbu62GmHotAdFfK6IFVOtonfq_3qgTwrDksnQnbGDzTdVurKFE2sB7mAmcmhROf1-Zed5dGrgyTpC2Tr8UbsccxNDqlqzLrn6QjMj503PA5fzYzSXbudvA&sig=Cg0ArKJSzF9DUIbD8DR2EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA89 0
0 276ms
144ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4486 0
0 423ms
150ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA89 0
0 163ms
163ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJMV6MpaJ8nXoGtFZVKpXJirXetVIS_EnT0eSY22nQDJM8x4opl15YxlxZmBQV0tq-TutvJkt_XLcN2ogZfeCKdnWGngDx1abmq0u7zCg-TNduyQwYznwjXBHXtp1WFpm0XYkFezuPbs8zgMr1Sd52kTbrx7wocx5K5xSX5gvxmi_N4c15q94gP-ZfiXRa27sn5S5Mx5MRXbTo09yhItZv3sj7UT0q9vmhMgPhtpgNxj9AzOjW-vxVZ-ajtD-vitv5RncxMz0aBwQkFMHRpsL8HtrJkvMO3NL6MxXrhtVyTMqyv5XFMgXfWTUApdDqV-gGCw8xaOdcGBDvDTcPU2u9Ne8LLMO--_kq0_GLWofES9IjtKILSyhKR0FYZnPSvrLl2IeJ8u0FabvGCdbwQZRORoK08r9_Jo1RZblnkTWA6r71LOt4V8KnyguGP_hvZw&sai=AMfl-YQAPvhwrhx_XBauu1zJ6coK7gOzM80EJefRenUzgXbbS9uBTT4GKxyySqfdpmb2cA16xBl4eVrqi9Rax8XVtKA19EGk4lTdOLds0SvqFdk5K93gEhrwbXvIc-lQBrT5tOVrhK0pxzRAe-MRG3Bd&sig=Cg0ArKJSzA7FFe2AdypmEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 13:50:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 13:50:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 145ms
144ms Fetch
text/html 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js?bust=31092611
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.177.97.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tm-in-f155.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eastleighvoice.co.ke/

Response headers

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
731 B 1021ms
502ms Script
text/javascript 74.119.117.17
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: private, max-age=3600
content-encoding: gzip
server-processing-duration-in-ticks: 414092
expires: 60
date: Tue, 27 May 2025 13:50:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 204 / Show response
beacon.taboola.com/ 0
179 B 34ms
18ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=eastleighvoice&trecsImpl=before&start=0&end=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1748353831.037840,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-cache: HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type
x-served-by: cache-mel11267-MEL
server: Varnish
x-cache-hits: 0

POST
H2 200 json Show response
trc.taboola.com/eastleighvoice/trc/3/ 41 KB
12 KB 446ms
437ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://trc.taboola.com/eastleighvoice/trc/3/json?llvl=2&tim=21%3A50%3A31.014&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2252127%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1748353831014%2C%22cv%22%3A%2220250527-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fnews.google.com%2F%22%2C%22bu%22%3A%22https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation%22%2C%22vpi%22%3A%22%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11165%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22cd%22%3A10681.27%2C%22mw%22%3A1600%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1748336723290%2C%22wc%22%3Atrue%7D&tbu=4f82d3ee-2c40-440d-b27e-805aebd7c9ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c9b9ed538ccc8dc1ecc2e72eccf3f2e5546365f2e2f8739cfaaaa8c16a25eec7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-mel11267-MEL
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 95350
x-timer: S1748353831.064005,VS0,VE425
x-vcl-time-ms: 425
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.556875
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-service-version: v1
server: nginx

POST
H3 204 AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 264ms
139ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wceUVnQIgf7bMyJM205LpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBi-FB_mfUHEJv53Wa1A2IhHo7lbdcPsglMOD6rmVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRqYGhnpGZjHFxgAAHMtJvg"
content-security-policy: script-src 'report-sample' 'nonce-wceUVnQIgf7bMyJM205LpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxUiRLAABf7BP2g_Mn5DR3cuzeAB2RWKmBPGTyx7tu-Ntcr-4mT86lVlu3pLlnYoWDrVjRHIQF3XOy45ALGcQXdi8yjS2rIQuQNsr1cRlKLH4CsnOwgFDmdMXMktcq3tUfjKvUhJPQ== Show response
fundingchoicesmessages.google.com/f/ 9 KB
0 191ms
191ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUiRLAABf7BP2g_Mn5DR3cuzeAB2RWKmBPGTyx7tu-Ntcr-4mT86lVlu3pLlnYoWDrVjRHIQF3XOy45ALGcQXdi8yjS2rIQuQNsr1cRlKLH4CsnOwgFDmdMXMktcq3tUfjKvUhJPQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MzUzODMxLDExNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lYXN0bGVpZ2h2b2ljZS5jby5rZS9uYXRpb25hbC8xNTU1OTUvd2h5LXdpbGRsaWZlLWF0dGFjay12aWN0aW1zLWZhY2UtbG9uZ2VyLXdhaXQtZm9yLWdvdmVybm1lbnQtY29tcGVuc2F0aW9uIixudWxsLFtbMjYsIjEyIl0sWzgsIm9hSzdhRm9fZi1VIl0sWzksImVuLUdCIl0sWzIzLCIxNzQ4MzUzODI5Il0sWzE5LCIyIl0sWzI0LCJuZXdzLmdvb2dsZS5jb20iXSxbMjUsIltbOTUzNTkyNjFdXSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

681ec2d81bd8ff4aa56df1b1f9c86613230035e7697484523e7c8088930d643a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UkRB7TzS2pW0YEQgoKGiVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBiaL15jnUyEBsqXGK1B-L76y6xPgfiD_WXWX8AcZHEFdYGIP5UdYNVoPoGaxL7TdYCIA51vMkaC8JpN1lTgXjXxlusB4G4Sfs2axcQm_ndZrUDYiFujuVt1w-yCXw4ejVHSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyNTA1MhAz8AgvsAAAJosP64"
content-security-policy: script-src 'report-sample' 'nonce-UkRB7TzS2pW0YEQgoKGiVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame FF10 455 B
924 B 498ms
497ms Fetch
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=eastleighvoice.co.ke&sn=ChromeSyncframe&so=0&topUrl=eastleighvoice.co.ke&topicsavail=1&fledgeavail=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2302ce79606b21a9c866819a48148b79b3a743283ff5a840a77d3fd4d52b3c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=eastleighvoice.co.ke

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
server-processing-duration-in-ticks: 1266134
expires: 0
date: Tue, 27 May 2025 13:50:30 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4486 42 B
65 B 147ms
147ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslFo19yao3wCnvEzSdBpDnk8wh_XBEtlYihd0VTn2DhA_uYhOgvGRw1-BNwAPiNhOVEVkqGMebcTgmECQ-WH0xJ_oDfY4pANG7HVrYymzJcEo08DrXlE5eUJntg33_ovXQhT8icSbYHHlhYlwOSkVEAQ_9HUQh0G9s5CcbSn6f-M68vnY&sig=Cg0ArKJSzDhRD8x9rblxEAE&id=lidar2&mcvt=1003&p=70,436,160,1164&tm=1020.8000001907349&tu=17.800000190734863&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3025464984&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4428663000&rst=1748353830206&rpt=231&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
0 49ms
49ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
age: 1149
x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
x-cache: HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
vary: Accept-Encoding
x-cache-hits: 480
x-amz-id-2: aNEJ+j9wp7W8cgI0nVjf6BT3DVtmlSNUv9HXewl1F6pmMx8sDmdHT+1BZkm7GVkIBCWPezsnJzU=
x-served-by: cache-mel11241-MEL
x-amz-replication-status: COMPLETED
cache-control: private, max-age=3600
x-timer: S1748353832.564065,VS0,VE0
via: 1.1 varnish
x-amz-request-id: RFXSBT36KBVWKBCP
accept-ranges: bytes
access-control-allow-origin: *
abp: 6
content-length: 1347
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
0 50ms
50ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "2fdf3e79d5e851201a0d52a886453d8b"
age: 11911
x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
x-cache: HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
vary: Accept-Encoding
x-cache-hits: 7235
x-amz-id-2: ybygAux9dSIu6KHRB9h5SdmTbu/daDIi/kYP0wg4DptyLGnHiCjtxE0fC5wITBnPx310F3lRURU=
x-served-by: cache-mel11241-MEL
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1748353832.564204,VS0,VE0
via: 1.1 varnish
x-amz-request-id: DCEM4WCV7S139HF7
accept-ranges: bytes
access-control-allow-origin: *
abp: 13
content-length: 6467
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
0 50ms
50ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://eastleighvoice.co.ke
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
age: 9844
x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
x-cache: HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
vary: Accept-Encoding
x-cache-hits: 3161
x-amz-id-2: lvioYJ8Ne72jfAqh54Y2vAH8uW0IxET+24wXHPHla7AlcT6TNXX1hBnfVLCit/M6A5J4ZaqQrXk=
x-served-by: cache-mel11241-MEL
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1748353832.564181,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 3D5PKWPD2KQ2DK27
accept-ranges: bytes
access-control-allow-origin: *
abp: 28
content-length: 125
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 b6e4768e296f4d768d9d1599bbd71a84.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
0 37ms
37ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b6e4768e296f4d768d9d1599bbd71a84.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 264ee31b26ef02cf46b0a7d385f6416254a2830f7b997f665d33271a227422bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b6e4768e296f4d768d9d1599bbd71a84.jpg
x-request-id: 51ec58d0879bcc04fa1e543a523eac92
etag: "5b58786342c18a0c4ade8a7203e8a258"
age: 3101078
cache-tag: 430542589799004887661560790191339006502,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=808,height=674,bytes=86681,format="jpg",owidth=1200,oheight=674,obytes=447495,oformat="jpg",crt=1745252753,ocrt=1744615101,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Mon, 14 Apr 2025 07:18:22 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 2, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100041-IAD, cache-iad-kiad7000131-IAD, cache-iad-kcgs7200073-IAD, cache-mel11267-MEL
edge-cache-tag: 430542589799004887661560790191339006502,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 167
x-timer: S1748353832.600403,VS0,VE1
x-orig-request-id: ed011d1bc77cd0488d07ee65877866d9
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35010
req-referer: https://bbs.wenxuecity.com/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Abduda-Dida.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 19 KB
0 275ms
275ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c56433b01c5d7a212744d09a96f601232a5f9a34147c927997d9cdffd6cfb097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
x-request-id: a16311140dbb580f4ac3b31824932169
etag: "5d2db564a1b9c30897a2b31842fea5e0"
age: 2882364
cache-tag: 467334307013777040117166756857754632438,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=666,height=555,bytes=30825,format="jpg",owidth=1132,oheight=555,obytes=84794,oformat="jpg",crt=1745471467,ocrt=1745470224,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 04:50:25 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 63, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kiad7000034-IAD, cache-iad-kiad7000044-IAD, cache-mel11267-MEL
edge-cache-tag: 467334307013777040117166756857754632438,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 204
x-timer: S1748353832.600282,VS0,VE237
x-orig-request-id: c368ec1b0c8c8e5da769c6be2374d469
x-ratelimit-reset: 1
x-vcl-time-ms: 237
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19574
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 3b53fb36b5a63d6749497e9b15b298f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
0 41ms
41ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b53fb36b5a63d6749497e9b15b298f8.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f43e48a04f7789be768239b97dcf95f64b941c979cade850e06c16344c50fbdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b53fb36b5a63d6749497e9b15b298f8.jpg
etag: "be6fce9e7ec0e9938899bd30ca5e0534"
age: 2477537
cache-tag: 350100606727247005075025456348453788727,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=539,height=450,bytes=36934,format="jpg",owidth=800,oheight=450,obytes=41777,oformat="jpg",crt=1744759802,ocrt=1744616753,ef=(1,13,17,23,30)
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 23:30:03 GMT
vary: ImageFormat
x-cache-hits: 0, 5, 0, 4, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200026-IAD, cache-iad-kcgs7200026-IAD, cache-nyc-kteb1890069-NYC, cache-iad-kjyo7100089-IAD, cache-mel11267-MEL
edge-cache-tag: 350100606727247005075025456348453788727,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 170
x-timer: S1748353832.600430,VS0,VE1
x-orig-request-id: 2fd3b28bad52a9650c5c370228e4fda0
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 16 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36996
req-referer: https://www.wunderground.com/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Gjvw7KbXAAA8yHr.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/ 76 KB
0 255ms
255ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Gjvw7KbXAAA8yHr.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3fa9095cc4bb8dcfcac1d4cd5cc51e74217113180ba61a3f23c38c83e1739f2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Gjvw7KbXAAA8yHr.jpg
x-request-id: 870d93e2688041382b3e050f142bcf09
etag: "e355304d237af993bbdd55874666f961"
age: 1191243
cache-tag: 449579742767383387442147203639398694691,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=1277,height=1064,bytes=250549,format="jpg",owidth=1600,oheight=1064,obytes=364449,oformat="jpg",crt=1746201270,ocrt=1745090150,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Sat, 19 Apr 2025 19:15:51 GMT
vary: ImageFormat
x-cache-hits: 0, 6, 0, 20, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000045-IAD, cache-iad-kiad7000045-IAD, cache-bur-kbur8200024-BUR, cache-iad-kjyo7100046-IAD, cache-mel11267-MEL
edge-cache-tag: 449579742767383387442147203639398694691,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 381
x-timer: S1748353832.600354,VS0,VE214
x-orig-request-id: cc0687443807104393c88d01284e1032
x-ratelimit-reset: 1
x-vcl-time-ms: 214
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77366
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 ea85ef0b2f9373a906ec3d747c47f80e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
0 42ms
42ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ea85ef0b2f9373a906ec3d747c47f80e.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 82f7f567dd3373038c1fcd9eaed8d030b609164615ead1b68195bf8bd46c515d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ea85ef0b2f9373a906ec3d747c47f80e.jpg
x-request-id: e7735bb83e8ddc2370cc98cff8d6342a
etag: "b9a15a728d314b9dbeb004cad1d37fd1"
age: 1279412
cache-tag: 515022071540496103221269236900228958424,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=1024,height=853,bytes=68227,format="jpg",owidth=1024,oheight=1024,obytes=612844,oformat="jpg",crt=1747074420,ocrt=1747013193,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Mon, 12 May 2025 01:26:36 GMT
vary: ImageFormat
x-cache-hits: 0, 5, 0, 1, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100161-IAD, cache-nyc-kteb1890079-NYC, cache-iad-kiad7000057-IAD, cache-mel11267-MEL
edge-cache-tag: 515022071540496103221269236900228958424,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 246
x-timer: S1748353832.600384,VS0,VE1
x-orig-request-id: 7536d0f795170c71f066420513bda3d0
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24712
req-referer: https://bbs.wenxuecity.com/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 DtKn-R_W0AAp-Vh.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 24 KB
0 256ms
256ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/DtKn-R_W0AAp-Vh.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 73dabaee0dccb38a258efe0ab6b01a328cff0a6fab3d17b00eb6e5b43da28869

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/DtKn-R_W0AAp-Vh.jpeg
etag: "c26dcb8e962e54b5c7345782868ac3f6"
age: 2801179
cache-tag: 455314600978338975907683898754432990256,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=480,height=400,bytes=22654,format="jpg",owidth=600,oheight=400,obytes=32821,oformat="jpg",crt=1743992170,ocrt=1743992169,ef=(1,13,17,23,30)
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Mon, 07 Apr 2025 02:16:11 GMT
vary: ImageFormat
x-cache-hits: 0, 11, 0, 7, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100173-IAD, cache-iad-kjyo7100173-IAD, cache-nyc-kteb1890031-NYC, cache-iad-kjyo7100121-IAD, cache-mel11267-MEL
edge-cache-tag: 455314600978338975907683898754432990256,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 253
x-timer: S1748353832.600325,VS0,VE218
x-orig-request-id: 89d589bcdd8a3ccc5a47bd0c29be3bc6
x-ratelimit-reset: 1
expiration: expiry-date="Thu, 08 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 218
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24174
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
132 B 560ms
140ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.520&id=25296&cv=20250527-3-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 559ms
143ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.521&id=66519&cv=20250527-3-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 supply-feature
sg-trc-events.taboola.com/eastleighvoice/log/3/ 0
526 B 567ms
151ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/3/supply-feature?lti=trecs&ri=a1ad1e24497d1a912e4340bb18d85f70&sd=v2_d806fe9fc22e5a67d14d448f6fe056cf_13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7_1748353831_1748353831_CLaXrwEQr_NmGOagiZDxMiABKAEwEDiu_QZA8oUQSLrE1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7&pi=%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&wi=8480518796563477967&pt=text&vi=1748353831014&tim=21%3A50%3A31.529&id=70785&llvl=2&cv=20250527-3-RELEASE&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Tue, 27 May 2025 13:50:32 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 555ms
142ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=alternating-thumbnails-a%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.540&id=47273&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 554ms
141ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=alternating-thumbnails-a%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.542&id=7367&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 555ms
142ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=alternating-thumbnails-a%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.543&id=43460&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 117ms
105ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=alternating-thumbnails-a%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.544&id=61547&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 117ms
106ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=alternating-thumbnails-a%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.545&id=45513&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 119ms
107ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=alternating-thumbnails-a%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.546&id=7357&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 Abduda-Dida.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 2 KB
0 25ms
25ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 93cfceb9814fd5ab989049bef9838061d1e2448453093a95ea179709ee89eb75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/Abduda-Dida.jpg
x-request-id: 7370f30e5fd7043bcb3b816666de5a61
etag: "2d10e0fb855bff1d6295325e50f05df1"
age: 2882736
cache-tag: 467334307013777040117166756857754632438,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=3014,format="jpg",owidth=1132,oheight=555,obytes=84794,oformat="jpg",crt=1745471095,ocrt=1745470224,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 04:50:25 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 208, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000143-IAD, cache-iad-kiad7000143-IAD, cache-lga21960-LGA, cache-iad-kcgs7200067-IAD, cache-mel11267-MEL
edge-cache-tag: 467334307013777040117166756857754632438,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 473
x-timer: S1748353832.623207,VS0,VE1
x-orig-request-id: c368ec1b0c8c8e5da769c6be2374d469
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1838
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Gjvw7KbXAAA8yHr.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/ 2 KB
0 34ms
34ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Gjvw7KbXAAA8yHr.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9db1d1c06b354247e2ece4380dbe155e43e7727ab219babf30a0f315bc43e29c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/02/Gjvw7KbXAAA8yHr.jpg
x-request-id: b6e2755d334f34755fc7ad51b1f2b114
etag: "031d6a2bf9b14a6297f862e9ff0750fa"
age: 2039115
cache-tag: 449579742767383387442147203639398694691,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=4050,format="jpg",owidth=1600,oheight=1064,obytes=364449,oformat="jpg",crt=1742748105,ocrt=1742269816,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Tue, 18 Mar 2025 03:50:18 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 139, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100070-IAD, cache-nyc-kteb1890099-NYC, cache-iad-kjyo7100069-IAD, cache-mel11267-MEL
edge-cache-tag: 449579742767383387442147203639398694691,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 3216
x-timer: S1748353832.625146,VS0,VE1
x-orig-request-id: d17ef2ba4e26ed779b0e37063b534651
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2376
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 DtKn-R_W0AAp-Vh.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 2 KB
0 37ms
37ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/DtKn-R_W0AAp-Vh.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 53a106de504e8997d822867ee2e6ffc91f3e8ada24a258334b2a355642eb8980

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/DtKn-R_W0AAp-Vh.jpeg
x-request-id: 124aadcc4ae1337f17ee8e4e13a9a7f1
etag: "d8577695144470f0deec6936fd50df72"
age: 3108385
cache-tag: 455314600978338975907683898754432990256,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=2330,format="jpg",owidth=600,oheight=400,obytes=32821,oformat="jpg",crt=1741282769,ocrt=1741282769,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Thu, 06 Mar 2025 17:39:30 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 167, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100076-IAD, cache-lga21960-LGA, cache-iad-kcgs7200150-IAD, cache-mel11267-MEL
edge-cache-tag: 455314600978338975907683898754432990256,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1120
x-timer: S1748353832.648033,VS0,VE1
x-vcl-time-ms: 1
x-ratelimit-reset: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1796
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Chebukati-funeral-2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 3 KB
0 46ms
46ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/Chebukati-funeral-2.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a38476dcbd8462d7d445bf05b9c97256b865a86f847fbf3fbf543b6f07f06b5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/Chebukati-funeral-2.jpg
etag: "1125eca37d50ff195a11e57cba64ff1c"
age: 1397195
cache-tag: 486428810234314599026743641166389146595,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=4929,format="jpg",owidth=1038,oheight=522,obytes=218355,oformat="jpg",crt=1744692748,ocrt=1744157355,ef=(1,13,17,23,30)
x-cache: Miss from cloudfront, HIT, HIT, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 04:52:29 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 648, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kiad7000025-IAD, cache-iad-kcgs7200097-IAD, cache-mel11267-MEL
edge-cache-tag: 486428810234314599026743641166389146595,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 182
x-timer: S1748353832.648111,VS0,VE1
x-orig-request-id: f7175eb587e39ff0e303d0b28e67e5af
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 16 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2656
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 captain.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 2 KB
0 52ms
52ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/captain.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3698ce126bb838c3e38999d169d530fa3f153785168a15253c0685f8b7ccce14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/captain.jpg
x-request-id: 5f081fb25cd2e5078d7ae3711e392b93
etag: "bb78ffd8a2b9bbfc90e95aa9cba1b179"
age: 1844504
cache-tag: 468884317442750716108183213958918409938,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=3368,format="jpg",owidth=485,oheight=272,obytes=24279,oformat="jpg",crt=1746509326,ocrt=1745460824,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Thu, 24 Apr 2025 02:13:45 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 2961, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200174-IAD, cache-bur-kbur8200030-BUR, cache-iad-kiad7000092-IAD, cache-mel11267-MEL
edge-cache-tag: 468884317442750716108183213958918409938,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 740
x-timer: S1748353832.660169,VS0,VE1
x-orig-request-id: ab86dc81c1fb9b56bc27691a796f7845
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2186
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 b6e4768e296f4d768d9d1599bbd71a84.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 1 KB
0 60ms
60ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b6e4768e296f4d768d9d1599bbd71a84.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b21d44f51b0d9e4ccf30234dbdfb4f881ae98b6bf5c5454920769eecbc109cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b6e4768e296f4d768d9d1599bbd71a84.jpg
x-request-id: 906b3bb9fc269255160c5c074af6c7e9
etag: "f45732c443af19e78947a2d92c95274b"
age: 3594047
cache-tag: 430542589799004887661560790191339006502,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=2346,format="jpg",owidth=1200,oheight=674,obytes=447495,oformat="jpg",crt=1744759783,ocrt=1744615101,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Mon, 14 Apr 2025 07:18:22 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 69, 7357
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200047-IAD, cache-iad-kcgs7200047-IAD, cache-bur-kbur8200076-BUR, cache-iad-kjyo7100133-IAD, cache-mel11267-MEL
edge-cache-tag: 430542589799004887661560790191339006502,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 363
x-timer: S1748353832.663288,VS0,VE0
x-orig-request-id: ed011d1bc77cd0488d07ee65877866d9
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1396
req-referer: https://cdn.taboola.com/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 3b53fb36b5a63d6749497e9b15b298f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 2 KB
0 71ms
71ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b53fb36b5a63d6749497e9b15b298f8.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 711465dc4b86846a860963de8008f3f7386989cbf22b9f59d8c2648cdd09afcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b53fb36b5a63d6749497e9b15b298f8.jpg
x-request-id: 8388f3428d5a00f7e896fe6f36df548a
etag: "d73cb63aa17dc0164a082d7aca9c0da9"
age: 3594047
cache-tag: 350100606727247005075025456348453788727,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=4190,format="jpg",owidth=800,oheight=450,obytes=41777,oformat="jpg",crt=1744759783,ocrt=1744616753,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Mon, 14 Apr 2025 07:45:54 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 74, 1462
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100079-IAD, cache-iad-kjyo7100079-IAD, cache-bur-kbur8200086-BUR, cache-iad-kiad7000095-IAD, cache-mel11267-MEL
edge-cache-tag: 350100606727247005075025456348453788727,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 372
x-timer: S1748353832.672078,VS0,VE0
x-orig-request-id: 2fd3b28bad52a9650c5c370228e4fda0
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2484
req-referer: https://cdn.taboola.com/
x-ratelimit-limit: 101
server: nginx

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 119ms
108ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-rec-reel-01-x-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.603&id=33258&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 123ms
111ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-rec-reel-01-x-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.604&id=1908&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 123ms
112ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-rec-reel-01-x-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.605&id=51028&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 124ms
113ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-rec-reel-01-x-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.606&id=7005&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 124ms
113ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-01-x-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.607&id=45142&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 120ms
109ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=thumbs-feed-01-y-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.608&id=87900&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 120ms
109ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=thumbs-feed-01-y-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.609&id=76896&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 Agather-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
0 41ms
41ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Agather-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e021cf3ee08b725c23a465eda2a33b3f7c8797b9feaaa193dc432fe43f166163

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Agather-1.jpg
x-request-id: 104b4e94498af3159be36b4d28213569
etag: "874e9c426c39e496bc6e9d1ee5c05a1c"
age: 244072
cache-tag: 628576854059927373854249909714521930233,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=2072,format="jpg",owidth=534,oheight=361,obytes=26401,oformat="jpg",crt=1748109759,ocrt=1748109717,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Sat, 24 May 2025 18:01:58 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 211, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kiad7000146-IAD, cache-mad22033-MAD, cache-iad-kiad7000160-IAD, cache-mel11267-MEL
edge-cache-tag: 628576854059927373854249909714521930233,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 428
x-timer: S1748353832.678902,VS0,VE1
x-orig-request-id: 6d0117069244d7f52ea5c6c4c7ba422c
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1756
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Screenshot-2025-05-06-114321.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
0 84ms
84ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Screenshot-2025-05-06-114321.png
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: aa64a4aec31e212ad343ac21d26c41924c81dc63ca30b05a8c53eb2756cb9b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Screenshot-2025-05-06-114321.png
etag: "b5adb73131d06e919467928e4c57904d"
age: 1034146
cache-tag: 303008268078755281873377062085778044803,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=3542,format="jpg",owidth=517,oheight=279,obytes=245991,oformat="png",crt=1746523950,ocrt=1746523949,ef=(1,13,17,23,30)
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Tue, 06 May 2025 09:32:31 GMT
vary: ImageFormat
x-cache-hits: 0, 2, 0, 88, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100129-IAD, cache-mad22049-MAD, cache-iad-kiad7000055-IAD, cache-mel11267-MEL
edge-cache-tag: 303008268078755281873377062085778044803,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 887
x-timer: S1748353832.699301,VS0,VE1
x-orig-request-id: e2ac9566fe5dd8a7f05316be99abfa85
x-ratelimit-reset: 1
expiration: expiry-date="Fri, 06 Jun 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2062
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 GoBpfyoX0AAjRvG.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/ 1 KB
0 62ms
62ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c96857083ddc556582862f666dee1d2f385dc810a2bb1681de53d35fe85f41f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/04/GoBpfyoX0AAjRvG.jpeg
x-request-id: d4bc89d6bcd5e41f507fd1c3a46865be
etag: "95511953f69ed379e4af6706eda5f8dc"
age: 4188215
cache-tag: 301241422589470688683582359966307351581,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=1473,format="jpg",owidth=957,oheight=705,obytes=52222,oformat="jpg",crt=1744165616,ocrt=1744159095,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Wed, 09 Apr 2025 00:38:16 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 82, 1
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000091-IAD, cache-iad-kiad7000091-IAD, cache-bur-kbur8200119-BUR, cache-iad-kiad7000119-IAD, cache-mel11267-MEL
edge-cache-tag: 301241422589470688683582359966307351581,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1086
x-timer: S1748353832.699199,VS0,VE1
x-orig-request-id: cd2ddbd41295c5149439ae94c0f309f3
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1040
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 c82ff386-f27d-4481-8f2b-c9f78db717e2.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 904 B
0 61ms
61ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/c82ff386-f27d-4481-8f2b-c9f78db717e2.jpeg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b60531a963aafd353b4e04d81e2c3402d6c4356483f086ef40ca253a585998ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/c82ff386-f27d-4481-8f2b-c9f78db717e2.jpeg
x-request-id: e23e14edf63fd160d50f0827bf03c54e
etag: "03fa6671f85bc177707105bb1453ee80"
age: 632041
cache-tag: 301490234694355162369101596024418227046,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=1297,format="jpg",owidth=535,oheight=415,obytes=14946,oformat="jpg",crt=1747721790,ocrt=1747721011,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Tue, 20 May 2025 06:03:33 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 123, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000140-IAD, cache-iad-kiad7000140-IAD, cache-nyc-kteb1890041-NYC, cache-iad-kcgs7200103-IAD, cache-mel11267-MEL
edge-cache-tag: 301490234694355162369101596024418227046,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 396
x-timer: S1748353832.699165,VS0,VE1
x-orig-request-id: d6b375be347c8ed962672d1a78094d3d
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 904
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Fr-Alois.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
0 112ms
112ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Fr-Alois.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ca43e39e9c968a87532575c7e281ab3712ccf3b31db24b245682a72f2630ac78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Fr-Alois.jpg
x-request-id: b31df5fc423e5acdb506b108353ebe0f
etag: "92936fb3b1d05b45fd3fc4c79928f1dc"
age: 421634
cache-tag: 388774023078194418251269445448855986848,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=3434,format="jpg",owidth=762,oheight=436,obytes=73588,oformat="jpg",crt=1747932198,ocrt=1747932197,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Thu, 22 May 2025 16:43:19 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 82, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200170-IAD, cache-iad-kcgs7200170-IAD, cache-toj-leto2350042-TOJ, cache-iad-kiad7000040-IAD, cache-mel11267-MEL
edge-cache-tag: 388774023078194418251269445448855986848,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 759
x-timer: S1748353832.747062,VS0,VE1
x-vcl-time-ms: 1
x-ratelimit-reset: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2288
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 ea85ef0b2f9373a906ec3d747c47f80e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 2 KB
0 97ms
97ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ea85ef0b2f9373a906ec3d747c47f80e.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e5c4a6a6cebc10f321441e5307930d1b83e5ec7d1fa261d1926fbb6b608cf11d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ea85ef0b2f9373a906ec3d747c47f80e.jpg
x-request-id: e26e85635b0b8cf5f00202b38039196f
etag: "cbe3bbd40b7f78b7ed64529bfcc5ed04"
age: 530999
cache-tag: 515022071540496103221269236900228958424,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=3178,format="jpg",owidth=1024,oheight=1024,obytes=612844,oformat="jpg",crt=1743849206,ocrt=1743522318,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Tue, 01 Apr 2025 15:45:19 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 4
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000031-IAD, cache-iad-kiad7000043-IAD, cache-iad-kjyo7100062-IAD, cache-mel11267-MEL
edge-cache-tag: 515022071540496103221269236900228958424,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 416
x-timer: S1748353832.747011,VS0,VE0
x-orig-request-id: b7364b6ae5df8a017b2b84145271671b
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2172
req-referer: https://84d81de3c24992de5b4df37f12ed9476.safeframe.googlesyndication.com/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 ba2afd4ae7446a7fa8621c7c5aca40fa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 1 KB
0 97ms
97ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ba2afd4ae7446a7fa8621c7c5aca40fa.png
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1b88cf40094e930cf8d8d432ebac42b31046e03d40a49065246489dcb64e8f19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ba2afd4ae7446a7fa8621c7c5aca40fa.png
x-request-id: 73a2d5f72af0f2762cbdeeaeb79cc16f
etag: "00b0a7a8889420b4a2ca523bbf86bdc8"
age: 1396206
cache-tag: 371145685572741580329742487146699889822,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=1810,format="jpg",owidth=1000,oheight=750,obytes=703894,oformat="png",crt=1738848451,ocrt=1738771240,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Wed, 05 Feb 2025 16:00:42 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 29838, 63
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200061-IAD, cache-iad-kcgs7200061-IAD, cache-nyc-kteb1890024-NYC, cache-iad-kjyo7100058-IAD, cache-mel11267-MEL
edge-cache-tag: 371145685572741580329742487146699889822,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 357
x-timer: S1748353832.747012,VS0,VE0
x-orig-request-id: 43c2069def03a511fef3ea9b5a6cd6a1
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1424
req-referer: https://www.heraldnews.com/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 Gri-FtrXwAAquas.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/ 2 KB
0 122ms
122ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gri-FtrXwAAquas.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e6a7c3f66c7f885e72dbb256feea0dd0acce8f7ca8815a12c2df8c2f105c878b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/05/Gri-FtrXwAAquas.jpg
x-request-id: 4ae05b9b9017c46e71ca156aac564b59
etag: "f05f3c3ee2980abafe1d147c1234e145"
age: 435148
cache-tag: 439588602677629201110563817461403781104,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=4086,format="jpg",owidth=1600,oheight=879,obytes=165530,oformat="jpg",crt=1747918683,ocrt=1747915511,ef=(1,13,17,23,30)
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Thu, 22 May 2025 12:05:13 GMT
vary: ImageFormat
x-cache-hits: 0, 0, 0, 124, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kiad7000153-IAD, cache-iad-kiad7000153-IAD, cache-toj-leto2350033-TOJ, cache-iad-kjyo7100175-IAD, cache-mel11267-MEL
edge-cache-tag: 439588602677629201110563817461403781104,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 589
x-timer: S1748353832.768094,VS0,VE1
x-orig-request-id: d837ea53a12fd5ec77f1d593f98ffc4b
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2350
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

GET
H2 200 cargo-plane-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/ 2 KB
0 113ms
113ms Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/cargo-plane-1.jpg
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 608770fad12c8d699ca6395c72b19aca5af82cf36636e05f49169a14b98538c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_50%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//publish.eastleighvoice.co.ke/mugera_lock/uploads/2025/03/cargo-plane-1.jpg
etag: "67ee398d5e431dbfcd82fe14389e4ad7"
age: 1403346
cache-tag: 314679380650378917780310701296493537524,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
surrogate-reporting: width=100,height=50,bytes=2256,format="jpg",owidth=831,oheight=431,obytes=98065,oformat="jpg",crt=1745875489,ocrt=1745561313,ef=(1,13,17,23,30)
x-cache: Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/webp
last-modified: Mon, 28 Apr 2025 21:24:50 GMT
vary: ImageFormat
x-cache-hits: 0, 2, 0, 33, 0
access-control-allow-headers: X-Requested-With
x-served-by: cache-iad-kcgs7200062-IAD, cache-iad-kcgs7200062-IAD, cache-chi-klot8100023-CHI, cache-iad-kiad7000058-IAD, cache-mel11267-MEL
edge-cache-tag: 314679380650378917780310701296493537524,500279100781919200182397787612105222252,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 467
x-timer: S1748353832.768101,VS0,VE1
x-orig-request-id: 6bea210213c0511f6b85d1589df31b3b
x-ratelimit-reset: 1
expiration: expiry-date="Thu, 29 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1822
req-referer: https://eastleighvoice.co.ke/
x-ratelimit-limit: 101
server: nginx

POST
H2 204 pubs-generic
trc.taboola.com/eastleighvoice/log/3/ 0
576 B 121ms
114ms Ping
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://trc.taboola.com/eastleighvoice/log/3/pubs-generic?route=SG%3ASG%3AV&lti=trecs&ri=757db900c450963be5925291531a7458&sd=v2_d806fe9fc22e5a67d14d448f6fe056cf_13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7_1748353831_1748353831_CLaXrwEQr_NmGOagiZDxMiABKAEwEDiu_QZA8oUQSLrE1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7&pi=%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&wi=8480518796563477967&pt=text&vi=1748353831014&tim=21%3A50%3A31.641&id=44461&llvl=2&cv=20250527-3-RELEASE&d=%7B%22data%22%3A%22%5C%22%5C%22%22%2C%22type%22%3A%22recReel-available%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Tue, 27 May 2025 13:50:31 GMT
content-type: image/gif
x-served-by: cache-mel11267-MEL
x-cache-hits: 0
cache-control: no-cache
x-fastly-to-nlb-rtt: 95011
pragma: no-cache
x-timer: S1748353832.676884,VS0,VE97
x-vcl-time-ms: 97
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-service-version: v1
server: nginx

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 122ms
111ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-01-b-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.646&id=6376&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 166ms
155ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-01-b-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.647&id=46708&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 168ms
158ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-01-b-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.648&id=94034&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 169ms
158ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-y-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.651&id=53208&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 167ms
156ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-y-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.652&id=85857&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

GET
H2

200

pixel-taboola
www.temu.com/api/adx/cm/ Frame 885E
Redirect Chain

https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
https://www.temu.com/api/adx/cm/pixel-taboola?id=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7

0
498 B

269ms
232ms

Image
text/plain

151.101.66.58
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://www.temu.com/api/adx/cm/pixel-taboola?id=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Server

151.101.66.58 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS
date: Tue, 27 May 2025 13:50:32 GMT
x-served-by: cache-mel11223-MEL
x-cache-hits: 0
vary: accept-encoding
strict-transport-security: max-age=31536000
yak-timeinfo: 1748353832568|5
x-timer: S1748353832.461388,VS0,VE218
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
via: 1.1 varnish
x-gateway-request-id: 1748353832568-fbf0a300bc5625597134ffdd56dbf0e6-20
accept-ranges: none
cip: 103.108.229.253
server: nginx

Redirect headers

x-fastly-to-nlb-rtt: 92489
location: https://www.temu.com/api/adx/cm/pixel-taboola?id=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

GET
H2

200

bounce
ib.adnxs.com/ Frame 885E
Redirect Chain

https://ib.adnxs.com/setuid?entity=584&code=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7%26gdpr%3D0%26gdpr_consent%3D

43 B
1 KB

424ms
422ms

Image
image/gif

103.43.91.51
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7%26gdpr%3D0%26gdpr_consent%3D

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

Server

103.43.91.51 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.229.253; 103.108.229.253; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: ba201db5-ceb2-4544-8f67-65da03bd398d
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 27 May 2025 13:50:33 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7%26gdpr%3D0%26gdpr_consent%3D
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 103.108.229.253; 103.108.229.253; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 6e9b0cdd-031e-4cba-9fd5-94947f9e5930
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 27 May 2025 13:50:32 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 165ms
157ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=thumbs-feed-01-y-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.655&id=32856&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92743
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 220ms
211ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=thumbs-feed-01-y-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.656&id=14631&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92680
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 216ms
208ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-y-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.659&id=72845&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92680
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 216ms
208ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=organic-thumbs-feed-y-em-delta%2C%20info%2C%20has%20Taboola%20Choice%20%3D%20true&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A31.659&id=5819&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92680
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35AB 42 B
65 B 162ms
153ms Fetch
image/gif 108.177.97.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqV4m-eAt-3u088Zs1V9HHnr5_DuypYebqSNCDsenoXKMG2J9eDjvBUhcyDbOaO-HrBTb6g0t66US00RFIOQHbwjwoBjLRIiQ0jQXlh4bc94qRhq4AicPvt7xGkim2cecxb7KAT_OgDjUPN1QhF2CIEkhSpw1v_KOE8KmmuNsk--s6wso&sig=Cg0ArKJSzMvHQD1wJxRUEAE&id=lidar2&mcvt=1173&p=1160,436,1250,1164&tm=1313.8999996185303&tu=129.19999980926514&mtos=536,1051,1173,1185,1185&tos=536,515,122,12,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2962879711&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4428663000&rst=1748353830140&rpt=365&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.97.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tm-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 13:50:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 c.html Show response
scripts.yehtu.com/scripts3/79835/ Frame B8EA 738 B
693 B 709ms
366ms Document
text/html 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2340584
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 27 May 2025 13:50:32 GMT
etag: W/"6723556f-2e2"
expires: Fri, 01 May 2026 11:40:48 GMT
last-modified: Thu, 31 Oct 2024 10:01:19 GMT
server: nginx
traceparent: 00-7f1956d1a9aae3f7e9820f6363cd53c7-bb3edda0b97a9ee7-01
vary: Accept-Encoding
x-cached-since: 2025-04-30T11:40:48+00:00
x-id: sv5-hw-edge-gc28
x-id-fe: sv5-hw-edge-gc27
x-shard: sv5-shard0-default

GET
H2 200 loader2.js Show response
scripts.yehtu.com/scripts3/ 178 KB
0 0ms
0ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/loader2.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 23d2e77961e64829183d726e3ceb51d27e07f8da186d58bc72dbe3c629dc5022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235559-2c70c"
age: 36
traceparent: 00-0b7b61ba7af7d15bb1e85b1604c2cce9-acef39485ed48ea8-01
expires: Thu, 31 Oct 2024 10:16:37 GMT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
last-modified: Thu, 31 Oct 2024 10:00:57 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=600
x-id: sv5-hw-edge-gc25
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-cached-since: 2025-05-27T13:49:55+00:00
server: nginx

GET
H2 204 / Show response
cds.taboola.com/ 0
0 1147ms
1147ms XHR
text/plain

General

Check archive.org

Download Go to

Full URL: https://cds.taboola.com/?uid=13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: *
cache-control: no-store
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx

GET
H2 200 c.html Show response
scripts.yehtu.com/scripts3/79835/ Frame D09A 738 B
0 664ms
664ms Document
text/html 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/c.html?b=79835
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://eastleighvoice.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2340584
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 27 May 2025 13:50:32 GMT
etag: W/"6723556f-2e2"
expires: Fri, 01 May 2026 11:40:48 GMT
last-modified: Thu, 31 Oct 2024 10:01:19 GMT
server: nginx
traceparent: 00-7f1956d1a9aae3f7e9820f6363cd53c7-bb3edda0b97a9ee7-01
vary: Accept-Encoding
x-cached-since: 2025-04-30T11:40:48+00:00
x-id: sv5-hw-edge-gc28
x-id-fe: sv5-hw-edge-gc27
x-shard: sv5-shard0-default

GET
H2 200 ad1e53d6ca54518d4679.b.js Show response
scripts.yehtu.com/scripts3/79835/ 47 KB
17 KB 178ms
176ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/ad1e53d6ca54518d4679.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d2cc16b87d3f592e8775a33b10cdcf583b507ccc15fc697f50ec97c74c38ed3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723556e-ba34"
age: 1901980
traceparent: 00-85d25d675efad6c4f12402df07dc65a4-0f88e98591509c98-01
expires: Wed, 06 May 2026 13:30:51 GMT
date: Tue, 27 May 2025 13:50:31 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:18 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc28
access-control-allow-origin: *
x-cached-since: 2025-05-05T13:30:51+00:00
server: nginx

GET
H2 200 25264767d517534e5c42.b.js Show response
scripts.yehtu.com/scripts3/79835/ 79 KB
21 KB 329ms
328ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/25264767d517534e5c42.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b77e839aee33d67ff170eff4e9b2f24dd7346c312d0e982e90f1a5c70911f4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235562-13c34"
age: 1901981
traceparent: 00-aa22ccd9f15b54ca245607be9a914651-be8ecb117032f3de-01
expires: Wed, 06 May 2026 13:30:51 GMT
date: Tue, 27 May 2025 13:50:32 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:06 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc28
access-control-allow-origin: *
x-cached-since: 2025-05-05T13:30:51+00:00
server: nginx

POST
H2 204 debug
sg-trc-events.taboola.com/eastleighvoice/log/2/ 0
131 B 216ms
208ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/2/debug?type=info&msg=page%2C%20info%2C%20injected%20RTUS%20service&lt=trecs&tvi48=14791&tvi50=25495&tvi62=18148&tim=21%3A50%3A32.031&id=7236&cv=20250527-3-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
x-fastly-to-nlb-rtt: 92680
date: Tue, 27 May 2025 13:50:32 GMT
server: nginx
access-control-allow-credentials: true

GET
H3 200 ad_entry_ Show response
fundingchoicesmessages.google.com/f/AGSKWxXbh48bL9WxplwxM77lkZH3DEryWERXcaCasZKo9GatTcp5LvXA2iOR-wqUgZIKPkbspTtJCVMREuqZYgJjllj20-iOqhaRRNMqzPGn-1bUElx2qKQmfnEkQkwmQmC4ysiCVyrBiZ23Ymh0UZb4xDXZmTWH2... 54 B
0 138ms
138ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXbh48bL9WxplwxM77lkZH3DEryWERXcaCasZKo9GatTcp5LvXA2iOR-wqUgZIKPkbspTtJCVMREuqZYgJjllj20-iOqhaRRNMqzPGn-1bUElx2qKQmfnEkQkwmQmC4ysiCVyrBiZ23Ymh0UZb4xDXZmTWH2Fg47mlFfoXS0vkhTzodzJSRUFVX4zbl/_/adiframe18._ad_square.&adname=_adlinkbar./ad_entry_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=ad_blocking_detection_executable

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2dc158387ab60c273019e6efd6156895e87bde346452bf7575cedf7b932a369b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T-oOwPkGxnUGrYH8GUCqfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBiOHnrNtNFIG69eY51MhAbKlxitQfi--susT4H4g_1l1l_AHGRxBXWBiD-VHWDVaD6BmsS-03WAiAOdbzJGgvCaTdZU4F418ZbrAeBuEn7NmsXEJv53Wa1A2Ihbo4VbdcPsgncaO4PUdJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1MDUy0DMwiC8wAACVPEP-"
content-security-policy: script-src 'report-sample' 'nonce-T-oOwPkGxnUGrYH8GUCqfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 251 KB
0 141ms
141ms Script
text/javascript

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.oaK7aFo_f-U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwRjfQquch2XBOAKw7IoCcozaVYqQ/m=ad_blocking_detection_executable

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

69aadf1302439c3c5bc3c371b057bbdf2923a7cde078e901393e0ce5201e35c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: br
etag: 5749300307176127947
age: 2677
x-content-type-options: nosniff
expires: Tue, 27 May 2025 14:05:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 13:05:55 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 80898
x-xss-protection: 0
server: cafe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p_eyWPMNbDpPA0Wg6e8ReA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBi-FB_mfUHEJv53Wa1A2Ihbo4VbdcPsglcuNMdquSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDUyNjPQMzOMLDABu-ScV"
content-security-policy: script-src 'report-sample' 'nonce-p_eyWPMNbDpPA0Wg6e8ReA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fsv84JDeQCFs-cHi8E_Gwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBi-FB_mfUHEJv53Wa1A2IhHo4VbdcPsgl8eLl_JqOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjUwNTLSMzCPLzAAAKnHJ7U"
content-security-policy: script-src 'report-sample' 'nonce-Fsv84JDeQCFs-cHi8E_Gwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qBeSvqNUUWZUTrolMReMlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBi-FB_mfUHEJv53Wa1A2IhHo4VbdcPsglseH1wLaOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjUwNTLSMzCPLzAAAJwtJ4k"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qBeSvqNUUWZUTrolMReMlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rjgK_mJtGvEWK8bXm4HEeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05Bi-FB_mfUHEJv53Wa1A2IhHo4VbdcPsgks2LR3DaOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjUwNTLSMzCPLzAAAIX_Jzw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rjgK_mJtGvEWK8bXm4HEeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXMfbQGb-JDN-t6YWra3-qjI5CptzJfqmfxPIcbZINUzkgsjlfdhoFX6iQXKNe2_8rbgrYjfteshLTuDvxoFGdmGA6iX2F3P4R1mXdEHeFprJVULPilrhN32Ij-1245J08TYD_tnA== Show response
fundingchoicesmessages.google.com/f/ 5 KB
0 451ms
451ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXMfbQGb-JDN-t6YWra3-qjI5CptzJfqmfxPIcbZINUzkgsjlfdhoFX6iQXKNe2_8rbgrYjfteshLTuDvxoFGdmGA6iX2F3P4R1mXdEHeFprJVULPilrhN32Ij-1245J08TYD_tnA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MzUzODMyLDI5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZWFzdGxlaWdodm9pY2UuY28ua2UvbmF0aW9uYWwvMTU1NTk1L3doeS13aWxkbGlmZS1hdHRhY2stdmljdGltcy1mYWNlLWxvbmdlci13YWl0LWZvci1nb3Zlcm5tZW50LWNvbXBlbnNhdGlvbiIsbnVsbCxbWzI2LCIxMiJdLFs4LCJvYUs3YUZvX2YtVSJdLFs5LCJlbi1HQiJdLFsyMywiMTc0ODM1MzgyOSJdLFsxOSwiMiJdLFsyNCwibmV3cy5nb29nbGUuY29tIl0sWzI1LCJbWzk1MzU5MjYxXV0iXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

30e6589d506b31c185bcd6ec2a513b0e4d86fa7d32e1c05a803813dffbd1a758

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Mla3HRHUmjEbhWgsbd2XrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBiaL15jnUyEBsqXGK1B-L76y6xPgfiD_WXWX8AcZHEFdYGIP5UdYNVoPoGaxL7TdYCIA51vMkaC8JpN1lTgXjNxlusm4G4Sfs2axcQm_ndZrUDYiEejhVt1w-yCVzY1n-ESUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjUwNTIQM_AIL7AAADBEz9-"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Mla3HRHUmjEbhWgsbd2XrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 dsp.aspx Show response
ads.yehtu.com/ 2 KB
1 KB 1803ms
551ms Script
application/javascript 116.202.167.156
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://ads.yehtu.com/dsp.aspx?sender=yehtu&rct=4&v=2.0&rnd=9266165784467630&cpv=43313f0d-c9ef-04cf-5c2c-9badb02a144b&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=c964e881-ef12-4081-a3d6-2e2c785ceb48&cntoid=&data=%7B%22id%22%3A%227436dd26-460e-3241-dc77-e9dc9db20c0f%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Feastleighvoice.co.ke%252Fnational%252F155595%252Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation%22%2C%22ref%22%3A%22https%253A%252F%252Fnews.google.com%252F%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224d490419-6bdb-0576-fbae-d9ba28b61371%22%2C%22tagid%22%3A%2259d172eb-ba54-4b3b-9d73-f06bf722ad1b%22%2C%22ext%22%3A%7B%22ph%22%3A%22yehtu_async_1951191556%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22yehtu%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&3rdEnabled=true&3rd=true

Requested by

Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.167.156 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.156.167.202.116.clients.your-server.de

Software

nginx /

Resource Hash

4069f5f7911fdcf9fa0dcdc5285fc395f1b50e43a901a364381b73e67d092574

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

keep-alive: timeout=25
content-encoding: gzip
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 869
p3p: CP="NID DSP ALL COR"
date: Tue, 27 May 2025 13:50:34 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
0 14ms
14ms Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25436
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
x-cache: HIT
date: Tue, 27 May 2025 13:50:32 GMT
content-type: image/png
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
x-cache-hits: 852
x-amz-id-2: aAbongQM6da8z7YrZpEwVbd2Uq/wDzLeV5bpcc48cypMZtDeFTV5MURQcP3eNWoQJAxA32s8S7g=
x-served-by: cache-mel11267-MEL
x-amz-replication-status: COMPLETED
cache-control: private,max-age=31536000
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1748353833.557501,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 0ASSBXV6NVBSHCFQ
accept-ranges: bytes
access-control-allow-origin: *
abp: 12
content-length: 254
server: AmazonS3

POST
H2 204 bulk
trc.taboola.com/eastleighvoice/log/3/ 0
568 B 131ms
127ms Ping
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://trc.taboola.com/eastleighvoice/log/3/bulk?route=SG%3ASG%3AV&lti=trecs&tvi48=14791&tvi50=25495&tvi62=18148&cv=20250527-3-RELEASE&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Tue, 27 May 2025 13:50:32 GMT
content-type: image/gif
x-served-by: cache-mel11267-MEL
x-cache-hits: 0
cache-control: no-cache
x-fastly-to-nlb-rtt: 95340
pragma: no-cache
x-timer: S1748353833.591417,VS0,VE106
x-vcl-time-ms: 106
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://eastleighvoice.co.ke
x-service-version: v1
server: nginx

POST
H2 204 bulk-metrics
sg-trc-events.taboola.com/eastleighvoice/log/3/ 0
526 B 227ms
223ms Ping
text/plain 141.226.229.48
TABOOLA-AS Tabool...

General

Check archive.org

Download Go to

Full URL: https://sg-trc-events.taboola.com/eastleighvoice/log/3/bulk-metrics?route=SG%3ASG%3AV&lti=trecs&tvi48=14791&tvi50=25495&tvi62=18148&cv=20250527-3-RELEASE&bulkSize=9
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/eastleighvoice/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-allow-origin: https://eastleighvoice.co.ke
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Tue, 27 May 2025 13:50:32 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gAjpoj6Ik3EiIlqG9DFk5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBi-FB_mfUHEJv53Wa1A2IhHo4VbdcPsgk0XOpuY1ZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGpgamRkZ6BubxBQYAcYsm8A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gAjpoj6Ik3EiIlqG9DFk5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVA1kFkjBizuKYNG2KmAflj3xcMVZ-RDHLVuk3RMT4qCVidcc0dYWEEeZ1dZD8AJv6z5h-tgWLksQQQXqinvd691xFfv5QnbNPRtNvGeojRQ3q6SMvwNYydqxw5AihgRm3e7D-puw== Show response
fundingchoicesmessages.google.com/f/ 2 KB
0 170ms
170ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVA1kFkjBizuKYNG2KmAflj3xcMVZ-RDHLVuk3RMT4qCVidcc0dYWEEeZ1dZD8AJv6z5h-tgWLksQQQXqinvd691xFfv5QnbNPRtNvGeojRQ3q6SMvwNYydqxw5AihgRm3e7D-puw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MzUzODMyLDc1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZWFzdGxlaWdodm9pY2UuY28ua2UvbmF0aW9uYWwvMTU1NTk1L3doeS13aWxkbGlmZS1hdHRhY2stdmljdGltcy1mYWNlLWxvbmdlci13YWl0LWZvci1nb3Zlcm5tZW50LWNvbXBlbnNhdGlvbiIsbnVsbCxbWzI2LCIxMiJdLFs4LCJvYUs3YUZvX2YtVSJdLFs5LCJlbi1HQiJdLFsyMywiMTc0ODM1MzgyOSJdLFsxOSwiMiJdLFsyNCwibmV3cy5nb29nbGUuY29tIl0sWzI1LCJbWzk1MzU5MjYxXV0iXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

de889ee17ae3db1ef6265e88e57712c101816f470069300ae222646a8f853c03

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rs41j8EakIDP9vNcAzkn5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBiaL15jnUyEBsqXGK1B-L76y6xPgfiD_WXWX8AcZHEFdYGIP5UdYNVoPoGaxL7TdYCIA51vMkaC8JpN1lTgXjNxlusm4G4Sfs2axcQm_ndZrUDYiEejhVt1w-yCZzoaZ3NrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRqYGpkoGdgEF9gAACsYD8V"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rs41j8EakIDP9vNcAzkn5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXh9P5-Os4Y9FRdhVbwl3ScDGp4Yq1vG7WC5MUA5Es2RQfhTYfrqDBQW37CQSCcKOiohU5XjnlP1SK4ZhEXb9NBeTd8MWYn6UWsqwHItjv8zEWQSydzY4jz_JZ2NxRPIHbFTYZjJw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
0 268ms
268ms Script
application/javascript

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXh9P5-Os4Y9FRdhVbwl3ScDGp4Yq1vG7WC5MUA5Es2RQfhTYfrqDBQW37CQSCcKOiohU5XjnlP1SK4ZhEXb9NBeTd8MWYn6UWsqwHItjv8zEWQSydzY4jz_JZ2NxRPIHbFTYZjJw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4MzUzODMyLDk0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9lYXN0bGVpZ2h2b2ljZS5jby5rZS9uYXRpb25hbC8xNTU1OTUvd2h5LXdpbGRsaWZlLWF0dGFjay12aWN0aW1zLWZhY2UtbG9uZ2VyLXdhaXQtZm9yLWdvdmVybm1lbnQtY29tcGVuc2F0aW9uIixudWxsLFtbMjYsIjEyIl0sWzgsIm9hSzdhRm9fZi1VIl0sWzksImVuLUdCIl0sWzIzLCIxNzQ4MzUzODI5Il0sWzE5LCIyIl0sWzI0LCJuZXdzLmdvb2dsZS5jb20iXSxbMjUsIltbOTUzNTkyNjFdXSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

4150822dc5828101125b84c314da9a0a8728e9e273cea8cff07f0eb4872eda5a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Dzx0gAr2xxgQiVPq_oebJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBiaL15jnUyEBsqXGK1B-L76y6xPgfiD_WXWX8AcZHEFdYGIP5UdYNVoPoGaxL7TdYCIA51vMkaC8JpN1lTgXjNxlusm4G4Sfs2axcQm_ndZrUDYiFujpVt1w-yCTxYPcNZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyNTA1MhAz8AgvsAAAHNJPvo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Dzx0gAr2xxgQiVPq_oebJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWjM-K3XSXPG8O8uoKxi-FZvhUjPFS9Dvt-hWUDbYQ94zGYyrof6dgYKp52OsjxbvE7Dzral3l35yVc_G1NsdEF_y7v68ZtRcwldupiYF4lGMvUfy1m4A5UcL0oJljEemkfmjKRTg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 135ms
135ms XHR
text/html 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjM-K3XSXPG8O8uoKxi-FZvhUjPFS9Dvt-hWUDbYQ94zGYyrof6dgYKp52OsjxbvE7Dzral3l35yVc_G1NsdEF_y7v68ZtRcwldupiYF4lGMvUfy1m4A5UcL0oJljEemkfmjKRTg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XRz9gbVvVW_9ZotPOjCGiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBi-FB_mfUHEJv53Wa1A2IhHo6VbdcPsgm8WDanh1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRqYGhnpGZjHFxgAAIa_Jzs"
content-security-policy: script-src 'report-sample' 'nonce-XRz9gbVvVW_9ZotPOjCGiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOOYKqBLnoKgVO7gig7OElvL1td9AryJopG1aHoa4OUBIy34YQaNBlKTdldZv7KXmG7jL8eE6vPAhWYXSNJP50jfVrrZ-0yE252HRpjv6uGdagYyTgLFFds4SfuYOs04_EjCuVDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9P-LJxl29fLl7lB7_Iyt8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBi-FB_mfUHEJv53Wa1A2IhHo6VbdcPsgl82Lt8BqOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjUwNTLSMzCPLzAAAJKYJ2g"
content-security-policy: script-src 'report-sample' 'nonce-9P-LJxl29fLl7lB7_Iyt8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eastleighvoice.co.ke
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 0d11748832caddd96690.b.js Show response
scripts.yehtu.com/scripts3/79835/ 28 KB
11 KB 185ms
176ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/0d11748832caddd96690.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723555f-702f"
age: 451688
traceparent: 00-97da188147bc716dbc6374c8d929b8ef-3a1733bfb7305452-01
expires: Sat, 23 May 2026 08:22:26 GMT
date: Tue, 27 May 2025 13:50:34 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:03 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc28
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:22:26+00:00
server: nginx

GET
H2 200 658a385fec78f0e1897f.b.js Show response
scripts.yehtu.com/scripts3/79835/ 42 KB
18 KB 345ms
337ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/658a385fec78f0e1897f.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235567-a793"
age: 451688
traceparent: 00-2c16222d101d94e9c847be7e1e2d084b-9bbb3afe83010dfd-01
expires: Sat, 23 May 2026 08:22:26 GMT
date: Tue, 27 May 2025 13:50:34 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:11 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc28
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:22:26+00:00
server: nginx

GET
H2 200 8b73097df909af36f72d.b.js Show response
scripts.yehtu.com/scripts3/79835/ 13 KB
5 KB 334ms
326ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/8b73097df909af36f72d.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723556b-326c"
age: 696410
traceparent: 00-6b86bbd7ad8dac180b77cf0b1285f981-770ed9ef45f38dd2-01
expires: Wed, 20 May 2026 12:23:44 GMT
date: Tue, 27 May 2025 13:50:34 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:15 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc27
access-control-allow-origin: *
x-cached-since: 2025-05-19T12:23:44+00:00
server: nginx

GET
H2 200 868bf3715e8c82496e94.b.js Show response
scripts.yehtu.com/scripts3/79835/ 11 KB
4 KB 329ms
321ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/868bf3715e8c82496e94.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 27e847108969b0bde29a39b7c686d806dcd8d985ecec56da93d21d905f9d1bc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"6723556b-2a79"
age: 451688
traceparent: 00-34ebfb56758a4fbc102e3ee0943cf69d-735d4d1bfb16d811-01
expires: Sat, 23 May 2026 08:22:26 GMT
date: Tue, 27 May 2025 13:50:34 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:15 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc25
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:22:26+00:00
server: nginx

GET
H2 200 808b8cd15765dac77d7a.b.js Show response
scripts.yehtu.com/scripts3/79835/ 224 KB
77 KB 365ms
358ms Script
application/javascript 92.38.145.145
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://scripts.yehtu.com/scripts3/79835/808b8cd15765dac77d7a.b.js
Requested by: Host: scripts.yehtu.com
URL: https://scripts.yehtu.com/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.38.145.145 Atlanta, United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d84ed37229a5ad3424b737517d9700dcc15f4021baa61b76161a198d69cff347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67235569-37e35"
age: 450350
traceparent: 00-ee123de68cc1673ee1ef0be07b299e18-9fff5b7ee37452b9-01
expires: Sat, 23 May 2026 08:44:44 GMT
date: Tue, 27 May 2025 13:50:34 GMT
content-type: application/javascript
x-shard: sv5-shard0-default
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 10:01:13 GMT
x-id-fe: sv5-hw-edge-gc27
cache-control: max-age=31622400
x-id: sv5-hw-edge-gc26
access-control-allow-origin: *
x-cached-since: 2025-05-22T08:44:44+00:00
server: nginx

GET da8470a7dda716277c26e6b5a3905b8c.gif
cs.krushmedia.com/ 0
0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://sync-service.net/ssp?token=QW2e7t5kKis0&pl=community
https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=a23a6e8bddd1f423a600d174319fe381

43 B
463 B

101ms
100ms

Image
image/gif

23.108.103.10
LEASEWEB-APAC-SIN...

General

Check archive.org

Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=a23a6e8bddd1f423a600d174319fe381

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

HTTP/1.1

Server

23.108.103.10 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Keep-Alive: timeout=25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 43
P3p: CP="NID DSP ALL COR"
Date: Tue, 27 May 2025 13:50:34 GMT
X-Xss-Protection: 0
Content-Type: image/gif
Server: nginx

Redirect headers

Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=a23a6e8bddd1f423a600d174319fe381
Content-Length: 0
Date: Tue, 27 May 2025 13:50:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H2 200 cookie
cm.adform.net/ 35 B
0 1491ms
1491ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D512314CD-BFD7-44B7-86B8-F2BB66C4795E%26id%3D%24UID
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 27 May 2025 13:50:35 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK pixel
cm.g.doubleclick.net/ 43 B
0 686ms
686ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=Yzk2NGU4ODFlZjEyNDA4MWEzZDYyZTJjNzg1Y2ViNDg=&google_cm&gdpr=&gdpr_consent=

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 43
Keep-Alive: timeout=25
Date: Tue, 27 May 2025 13:50:34 GMT
P3p: CP="NID DSP ALL COR"
Content-Type: image/gif
X-Xss-Protection: 0
Server: nginx

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cs.admanmedia.com/0a28772f54bab302b4cd3d4ab3d49473.gif?puid=c964e881ef124081a3d62e2c785ceb48&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D41783197-9E0A-46F4-B576-C7B3694019...
https://inv-nets.admixer.net/adxcm.aspx?ssp=41783197-9E0A-46F4-B576-C7B369401968&id=c35f7393-cca7-4b59-9ab4-b21456026bff
https://m.trafmag.com/images/1px-matching-go2net.gif?id=fbfc2ebce7c5452fa57827e694321375

35 B
349 B

1153ms
290ms

Image
image/gif

193.200.65.6
giveme-cloud GIVE...

General

Check archive.org

Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=fbfc2ebce7c5452fa57827e694321375
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"
Date: Tue, 27 May 2025 13:50:36 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

Redirect headers

Keep-Alive: timeout=25
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=fbfc2ebce7c5452fa57827e694321375
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
P3p: CP="NID DSP ALL COR"
Date: Tue, 27 May 2025 13:50:35 GMT
X-Xss-Protection: 0
Server: nginx

GET
H/1.1 200
OK pixel
cm.g.doubleclick.net/ 35 B
0 2138ms
2138ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm&gdpr=&gdpr_consent=
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: HTTP/1.1
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"
Date: Tue, 27 May 2025 13:50:36 GMT
Content-Type: image/gif
Connection: keep-alive
Server: nginx

GET
H/1.1 204
No Content bf9ce15acae6a411e6b220198588be2c.gif
cm-x.mgid.com/ 0
0 968ms
968ms Image
text/plain

General

Check archive.org

Download Go to Show image

Full URL: https://cm-x.mgid.com/bf9ce15acae6a411e6b220198588be2c.gif?puid=c964e881ef124081a3d62e2c785ceb48&redir=[RED]&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: HTTP/1.1
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: 0
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5
Date: Tue, 27 May 2025 13:50:35 GMT

GET /
csync.loopme.me/ 0
0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://server.smartytech.io/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D17669FAA-B4BA-4D29-A46F-9415F4FCBD4F%26id%3D%7Buser_id%7D
https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=d5bc4402-0fc8-41af-a38a-20beb1fc4197

43 B
463 B

96ms
96ms

Image
image/gif

23.108.103.10
LEASEWEB-APAC-SIN...

General

Check archive.org

Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=d5bc4402-0fc8-41af-a38a-20beb1fc4197

Requested by

Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation

Protocol

HTTP/1.1

Server

23.108.103.10 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Keep-Alive: timeout=25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 43
P3p: CP="NID DSP ALL COR"
Date: Tue, 27 May 2025 13:50:35 GMT
X-Xss-Protection: 0
Content-Type: image/gif
Server: nginx

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
location: https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=d5bc4402-0fc8-41af-a38a-20beb1fc4197
pragma: no-cache
expires: Wed, 11 Nov 1998 11:11:11 GMT
content-length: 190
date: Tue, 27 May 2025 13:50:35 GMT
content-type: image/gif
last-modified: Tue, 27 May 2025 13:50:35 GMT
server: nginx

GET
H/1.1 200
OK pixel
cm.g.doubleclick.net/ 35 B
0 2139ms
2139ms Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=Yzk2NGU4ODFlZjEyNDA4MWEzZDYyZTJjNzg1Y2ViNDg=&google_cm&gdpr=&gdpr_consent=
Requested by: Host: eastleighvoice.co.ke
URL: https://eastleighvoice.co.ke/national/155595/why-wildlife-attack-victims-face-longer-wait-for-government-compensation
Protocol: HTTP/1.1
Server: -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://eastleighvoice.co.ke/

Response headers

Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"
Date: Tue, 27 May 2025 13:50:36 GMT
Content-Type: image/gif
Connection: keep-alive
Server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
0 259ms
257ms Fetch
text/plain 173.194.174.100
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-24W9KHS0ZW&gtm=45je55l1v9167994531za200&_p=1748353828887&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=1012548187.1748353830&ecid=1079811452&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEIAAAQ&sid=1748353829&sct=1&seg=1&dl=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation&dr=https%3A%2F%2Fnews.google.com%2F&dt=Why%20wildlife%20attack%20victims%20face%20longer%20wait%20for%20government%20compensation&_s=3&tfd=7736
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24W9KHS0ZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.174.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: td-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eastleighvoice.co.ke/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eastleighvoice.co.ke
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 13:50:35 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.krushmedia.com
URL: https://cs.krushmedia.com/da8470a7dda716277c26e6b5a3905b8c.gif?puid=c964e881ef124081a3d62e2c785ceb48&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE2686680-B13A-4730-B79A-59A7FC223B45%26id%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11488&gdpr=&gdpr_consent=[gdpr_consent_109]&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DC4729463-E4FF-4B3E-AAA2-487038DEBF16%26id%3D{viewer_token}

Verdicts & Comments Add Verdict or Comment

270 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/eastleighvoice/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_d806fe9fc22e5a67d14d448f6fe056cf_13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7_1748353831_1748353831_CLaXrwEQr_NmGOagiZDxMiABKAEwEDiu_QZA8oUQSLrE1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA
eastleighvoice.co.ke/national/155595	1969-12-31 23:59:59	Name: Value: store.test
.admixer.net/gadx	1970-01-21 07:48:49	Name: am-uid Value: 5dde495a237a451ca3b8d9c82a696f45
news.google.com/	1970-01-21 10:02:01	Name: GN_PREF Value: W251bGwsIkNBSVNDd2loaHRmQkJoRHc1YzE1Il0_
.google.com/	1970-01-21 10:02:45	Name: NID Value: 524=Oqrqgsgjlg9iqp0A0YeUuisTzJV7cEMLDzVw3NhLkWHdUuCMLz9M94BGCPjLt7AHIVERsorWa_8Do2jVikiwIRkJW5DCsLTsZcZkJZ-VQM79UmGMK97p9L4gEaVRV8y8ersgxegbT9HzIeTv9fgP1t44NWbS-Auc6hRUuSyPYbAiYBR3EqhlyEKPsAebmyTZ
.news.google.com/	1970-01-21 15:15:13	Name: _ga Value: GA1.1.51132559.1748353827
news.google.com/	1970-01-21 06:22:25	Name: OTZ Value: 8100830_24_24__24_
.news.google.com/	1970-01-21 15:15:13	Name: _ga_SYGF1G18MM Value: GS2.1.s1748353826$o1$g0$t1748353828$j0$l0$h0
.eastleighvoice.co.ke/	1970-01-21 15:00:49	Name: __gsas Value: ID=6ea60b1f5eeff785:T=1748353829:RT=1748353829:S=ALNI_Mbo0ESGonJZKIcLeOz1iOgZZhhoVA
.eastleighvoice.co.ke/	1970-01-21 15:15:13	Name: _ga Value: GA1.1.1012548187.1748353830
.eastleighvoice.co.ke/	1970-01-21 07:48:49	Name: _gcl_au Value: 1.1.1616749791.1748353830
.openx.net/	1970-01-21 14:24:49	Name: i Value: 0953ef4b-78c6-4c6e-a831-a11120ab48a0\|1748353829
.yahoo.com/	1970-01-21 14:25:11	Name: A3 Value: d=AQABBCXDNWgCEFfwlL68PWRywZQ1HE6-ydkFEgEBAQEUN2g_aA3-xiMA_eMCAA&S=AQAAAqEpIuyh5hRHb8YWNKR5-Yc
.eastleighvoice.co.ke/	1970-01-21 15:00:49	Name: __gads Value: ID=38911c1f9e56eedc:T=1748353829:RT=1748353829:S=ALNI_Mbh4ZZSb-iPT1xMSAcI2MHuxxNjJA
.eastleighvoice.co.ke/	1970-01-21 15:00:49	Name: __gpi Value: UID=000010f4e19a42fe:T=1748353829:RT=1748353829:S=ALNI_Ma5AJGbhdyQwcBxg-bjutgHSUKZxQ
.eastleighvoice.co.ke/	1970-01-21 09:58:25	Name: __eoi Value: ID=29c174cdd540cd3c:T=1748353829:RT=1748353829:S=AA-AfjbVuXUvVBysPRvzGwTuqWaX
.eastleighvoice.co.ke/	1970-01-21 15:15:13	Name: _ga_24W9KHS0ZW Value: GS2.1.s1748353829$o1$g1$t1748353830$j59$l0$h1079811452$dC61R4wY20Q7tQS6G4Okg18OeCK1_zyzSXQ
.crwdcntrl.net/	1970-01-21 12:07:58	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 12:07:58	Name: _cc_id Value: 78d11729134d7b558ded6359767d4a54
.eastleighvoice.co.ke/	1970-01-21 05:39:13	Name: lotame_domain_check Value: eastleighvoice.co.ke
.eastleighvoice.co.ke/	1970-01-21 12:08:01	Name: _cc_id Value: 78d11729134d7b558ded6359767d4a54
.eastleighvoice.co.ke/	1970-01-21 05:49:18	Name: panoramaId_expiry Value: 1748958630179
.eastleighvoice.co.ke/	1970-01-21 05:49:18	Name: panoramaId Value: cf463456a4438ffe59e19cb7327d185ca02c50578040ccc725930531a6f2823c
.eastleighvoice.co.ke/	1970-01-21 05:49:18	Name: panoramaIdType Value: panoDevice
.openx.net/	1970-01-21 06:00:49	Name: pd Value: v2\|1748353830\|jEvOhIlYiu
.doubleclick.net/	1970-01-21 15:15:13	Name: IDE Value: AHWqTUm-WiTyQ1GEdt2rVQJ3NpgrpbEzMFzozS2-5iYw5npeH-PuE5u5sSxQGL5tK70
.adsrvr.org/	1970-01-21 14:24:49	Name: TDID Value: afb0a195-1f05-4a1e-8f8b-8da9c0b67fe7
.ladsp.com/	1970-01-21 05:39:17	Name: cr Value: 1
.adsrvr.org/	1970-01-21 14:24:49	Name: TDCPM Value: CAEYBSABKAIyCwiml7vPhcyOPhAFOAE.
eastleighvoice.co.ke/	1970-01-21 06:22:25	Name: XSRF-TOKEN Value: eyJpdiI6IjZjSFJjUE9qU2dub2lOYWNRNXdIRHc9PSIsInZhbHVlIjoiR2VQeTNadXhoU1MvaVEvQmlvR2ZpWkRIMVVLNm50M3dUcm1CN3czdFNxTlBSVGkxV0t6a1dvblRMdHVZV1dLWWNmNU03eTZyUzdBUkd4WUNod09JSHliVnlIMVBQekg4dm1seE5tbmFQTjlxZlY5VHJHa2VZVEVReFc5ZjVtb3UiLCJtYWMiOiI5OGY1NmRmYmZhOTE3NzZhMTZhYjYwMzQ1NmRkZGUzY2RlMDcwMDIwMTIwNzcyZWY3MzFkYmQ4NDJkYmM2YTgwIiwidGFnIjoiIn0%3D
eastleighvoice.co.ke/	1970-01-21 06:22:25	Name: the_eastleigh_voice_news_session Value: eyJpdiI6IlZqenVOWmdpb1ovSXZHaGVqUTVveEE9PSIsInZhbHVlIjoiUFpTUmxEdExueEZlZjB0d3RLelpRRUtqNkJ1YTZYYUJ6T3VmYXdnUE4zSUhUZTVsR3NrSGdpanFoK215TkxwNkNFNFEva2RSd3NvSmR6WlRhOXNRYy9mSFJUbC9Ec1VydnhxbzdKRXJTUGVjNm1aWmJaS0c3dU0vcS9kaTZ5MlIiLCJtYWMiOiIxNWI5MTkwNTI1NzM5NGIxZmQ4NDk4Zjc0YTA3ZTljNzhmYzZkNWIyMzVmN2M2YTI4NzQ5ODc1MjA2NmZmODNlIiwidGFnIjoiIn0%3D
.openx.net/	1970-01-21 06:00:49	Name: univ_id Value: 537072971\|afb0a195-1f05-4a1e-8f8b-8da9c0b67fe7\|1748353830794780
.ladsp.com/	1970-01-21 15:15:13	Name: smn_uid Value: kJcrTbV3Cq4ltlZ6PUDoNihnr1alkD0
.ladsp.com/	1970-01-21 15:15:13	Name: lum Value: CIGfiZDxMhIFCAMQ0AU
.criteo.com/	1970-01-21 15:00:49	Name: uid Value: 301e38ee-3da8-4aee-b0cd-a79b1d5d3e4b
.criteo.com/	1970-01-21 15:00:49	Name: receive-cookie-deprecation Value: 1
.socdm.com/	1970-01-21 15:15:13	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzQ4MzUzODMxfQ
.taboola.com/	1970-01-21 14:24:49	Name: t_gid Value: 13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7
.taboola.com/	1970-01-21 14:24:49	Name: t_pt_gid Value: 13579a08-d859-4457-b981-8b13f9f764e9-tuctf2f48a7
.taboola.com/	1970-01-21 14:24:49	Name: receive-cookie-deprecation Value: 1
eastleighvoice.co.ke/	1970-01-21 05:39:42	Name: store.test Value:
.eastleighvoice.co.ke/	1970-01-21 15:00:49	Name: cto_bundle Value: KUQ4n19iWE1jcFdGZDV1UmFVOHlzWU1ZWTRKRzdUNWs5SWdwNkNOaUxIcEpTWmxYNWhvZDJyJTJCaWtIJTJCaVlOY2IycTFmbjdPVmVzbEdxNEtjTjZsNkZJdDI4akY2SzUlMkYwSllCWiUyQlN3YXlDVEVZaEhaZG9RQms1NGUyNFBzM2NvblFkRkloUUFON2xiUFhpckswNHA4bkFJRnptbFdJQm9RUFNLMVpKakpjZVhMQXlBRSUzRA
.criteo.com/	1970-01-21 15:00:49	Name: cto_bundle Value: ZYnWVV94c3dOOHkyOTNtY1V5SVNaU1RZeHpoZ2F2TzJic0ZvMXNHSFZuZTBmQ2RONFhpdXlNMlZDMkwzaGRQcW45QzZnUE05UGh5MlNxcSUyRmQlMkZLd3VSenNGUkVFRnRjc3hwZWJQQlNUOGJwa0lzREJMQ0RaVUl4VkhwTm9mTzZDSWZXdE8
.eastleighvoice.co.ke/	1970-01-21 14:24:49	Name: am-uid-f Value: c964e881-ef12-4081-a3d6-2e2c785ceb48
.taboola.com/	1970-01-21 14:24:49	Name: taboola_vmp Value: temurtbnative-network
.adnxs.com/	1970-01-21 07:48:49	Name: XANDR_PANID Value: 6UVNaB7ERO24F87RG_BTeVoKq-xM5_wZGpJ8B92dYPm7ViysMZp9BvEhl1kemFQ6dQDL-FGzfnXU_iqmKt0rRxJVRf5dHqTReHrVe2QBl-g.
.adnxs.com/	1970-01-21 07:48:49	Name: uuid2 Value: 4955304585348086333
.adnxs.com/	1970-01-21 07:48:49	Name: anj Value: dTM7k!M4/0E:2jUF']wIg2E?!F6i@x!1yIE`c/*ecf[o9EVO4kG5XKUD'o)!D??h[DYf+XVv08E[/'R.FYna(Et?7HG<pI<VXz#kTa.FjFN0RurN=./%(2K:$doS]%6lP4_8M!P
.eastleighvoice.co.ke/	1970-01-21 14:24:49	Name: FCNEC Value: %5B%5B%22AKsRol83FgLJZTzWtD54IKub0uep1qbVUY0dOL-KJ1Yj03RkamtIgMSnxsxOHQeG8mv8zS1SXABbQRSFq922VzoaPezFKBT0wLMIcPfRUL_T12b6cQRu7Bv_c0xEnvVFbAIhKUFKeAVeY22E0qTTsMyYWqSlUCT3TQ%3D%3D%22%5D%5D
.ads.yehtu.com/	1970-01-21 07:48:49	Name: am-uid Value: c964e881ef124081a3d62e2c785ceb48
eastleighvoice.co.ke/	1970-01-21 05:49:47	Name: am-uid Value: c964e881ef124081a3d62e2c785ceb48
.admixer.net/	1970-01-21 07:48:49	Name: am-uid Value: fbfc2ebce7c5452fa57827e694321375
.mgid.com/	1970-01-21 05:59:23	Name: lmg_usr Value: 586e07f5-282e-4df6-879a-142634af63a1
.mgid.com/	1970-01-21 05:59:23	Name: lmg_r Value: 44
.admanmedia.com/	1970-01-21 05:49:18	Name: admtr Value: c35f7393-cca7-4b59-9ab4-b21456026bff
.admanmedia.com/	1970-01-21 05:49:18	Name: ac_r Value: CS207:1748958635112
server.smartytech.io/	1970-01-21 14:24:49	Name: uid Value: d5bc4402-0fc8-41af-a38a-20beb1fc4197
.adform.net/	1970-01-21 07:05:37	Name: uid Value: 2787419116985213432
.trafmag.com/	1970-01-21 15:15:13	Name: vid Value: 3731696760303007

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Feastleighvoice.co.ke%2Fnational%2F155595%2Fwhy-wildlife-attack-victims-face-longer-wait-for-government-compensation Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://csync.loopme.me/?pubid=11488&gdpr=&gdpr_consent=[gdpr_consent_109]&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DC4729463-E4FF-4B3E-AAA2-487038DEBF16%26id%3D{viewer_token} Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-x267DiMhkfdnJ-EkB1nYmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d875cc6e87abbbfe32d68b02f76bd77.safeframe.googlesyndication.com
accounts.google.com
ads.yehtu.com
analytics.google.com
bcp.crwdcntrl.net
beacon.taboola.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
connectid.analytics.yahoo.com
cr-p3.ladsp.com
cs.admanmedia.com
cs.krushmedia.com
csync.loopme.me
eastleighvoice.co.ke
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
google.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
inv-nets.admixer.net
invstatic101.creativecdn.com
jp-u.openx.net
lh3.googleusercontent.com
m.trafmag.com
match.adsrvr.org
news.google.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
publish.eastleighvoice.co.ke
scripts.yehtu.com
securepubads.g.doubleclick.net
server.smartytech.io
sg-trc-events.taboola.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-service.net
sync.taboola.com
syndicatedsearch.goog
tags.crwdcntrl.net
td.doubleclick.net
tg.socdm.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.temu.com
cs.krushmedia.com
csync.loopme.me
103.43.91.51
104.16.175.226
104.16.80.73
104.17.25.14
104.18.29.101
104.21.48.1
108.158.20.65
108.158.32.47
108.158.32.67
108.177.97.155
116.202.167.156
124.146.153.169
13.33.91.181
141.226.229.48
142.250.204.4
142.250.66.195
142.250.66.206
142.250.66.226
142.250.66.227
142.250.67.2
142.250.67.3
142.250.76.104
142.250.76.110
142.251.221.65
142.251.221.78
146.59.69.183
15.197.193.217
151.101.65.44
151.101.66.58
157.240.8.23
162.19.138.120
172.217.12.138
172.217.14.78
172.217.167.66
172.217.167.97
172.253.118.84
172.67.38.106
173.194.174.100
182.161.73.173
183.177.68.211
193.200.65.6
204.62.12.209
23.108.103.10
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
54.179.82.148
64.233.188.154
64.233.189.113
64.233.189.157
74.119.117.17
74.125.203.101
8.2.109.250
92.38.145.145
004322721c8557331759bc6ddaacbb689b0f0715d688aec82bd056d2d5b5cc3b
00befdce8dec05ad2c2055c4bf16a98962ab33af5c1fab45f47644dd6dc8f4d0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
15b20790a8814f6c48dc11006259ce49e6a7a2fc7d4efb678ac246135394989b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19793fa28dc161337ef315aa45c7321c0a1c231a0c9de23d3bc85e4f5fb224d4
1b88cf40094e930cf8d8d432ebac42b31046e03d40a49065246489dcb64e8f19
1bf1f03b1032c3915a6690cd36b0ba29edd8feefd6169c3b6bf2f24a9fdef64b
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8
1f93cf3cbac70e0dc8366cff8480834f063743614e06949e8700335cae01425f
2302ce79606b21a9c866819a48148b79b3a743283ff5a840a77d3fd4d52b3c2d
23d2e77961e64829183d726e3ceb51d27e07f8da186d58bc72dbe3c629dc5022
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264ee31b26ef02cf46b0a7d385f6416254a2830f7b997f665d33271a227422bb
27e847108969b0bde29a39b7c686d806dcd8d985ecec56da93d21d905f9d1bc8
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2dc158387ab60c273019e6efd6156895e87bde346452bf7575cedf7b932a369b
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
30e6589d506b31c185bcd6ec2a513b0e4d86fa7d32e1c05a803813dffbd1a758
32bb7cb99bb2ffb5b46efeed845a241336eb27cc959be9865c6e17629dc36e33
3319f85d17eaaaca794ddb7172bdef744fbccf1f6853bccf3293f75837a52107
3698ce126bb838c3e38999d169d530fa3f153785168a15253c0685f8b7ccce14
3720dd359056e021bfe3bef07ba58c8e960cbebf30e2b786f46d8f10b52ea8aa
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3c0e5ba24caacfcf0ab379f7a8ce9b7912eb81c337aee8522b3256af9d167e47
3e79535a24928a654e7afec5673fc1131770b3da730bd92a215f84d020834d92
3fa9095cc4bb8dcfcac1d4cd5cc51e74217113180ba61a3f23c38c83e1739f2b
4069f5f7911fdcf9fa0dcdc5285fc395f1b50e43a901a364381b73e67d092574
4150822dc5828101125b84c314da9a0a8728e9e273cea8cff07f0eb4872eda5a
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
45a8e8fb15366675dd6fb95ecd30559dd2daef918bf9249c7fbf2f28858159a0
4714624e93c2adbbede55e80806f51f61ec0853fe89a9920a33f4a53201ed6e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2cc16b87d3f592e8775a33b10cdcf583b507ccc15fc697f50ec97c74c38ed3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea94890f416dfcc8d5eab3b357ec1abdee7d4c6422820a3db9207b7157c4fa8
4fb7e9a16bedab3f286cdc8a340140ce22737bfd0b0439b9afbeb63af07f9f87
53a106de504e8997d822867ee2e6ffc91f3e8ada24a258334b2a355642eb8980
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54c9b3c957e28e867df94e9673792a2bcdc34892d62de6687c8f0a7e2d293381
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
5bd1f7370fda2d955fbb9f84930d03e0adc4ca91a57359ac65ec61b75b367ad7
6080f86a2ec53b00f50cbfadc95448c225f5d4e8b1d9e13444fa9a8e833b0193
608770fad12c8d699ca6395c72b19aca5af82cf36636e05f49169a14b98538c4
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
664682042f383881d05f56b719bb323c90f319a59a822a57a5ea2abfbc1fb99d
681ec2d81bd8ff4aa56df1b1f9c86613230035e7697484523e7c8088930d643a
68adff3764fabc7d1f20f851f6de1bffa03486e21eefd37402f118ffb2fefe48
69aadf1302439c3c5bc3c371b057bbdf2923a7cde078e901393e0ce5201e35c2
6a4ed15c8ab1ecf4757d61dacf32acc5bf6bdb773d979e98581b0d6b050f8c82
6ac8891574bd35cb8a15af8e214ec751a1db35c59edbaf8b816d3d4c50a54089
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9ae1fa0d1fc51ee0ad3feb565083bee200289c71bb346020f9b3d80cf73636
6e763114762011985518007523e50ad5db3f86101e98cee9fbccabeecd388589
711465dc4b86846a860963de8008f3f7386989cbf22b9f59d8c2648cdd09afcf
72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73dabaee0dccb38a258efe0ab6b01a328cff0a6fab3d17b00eb6e5b43da28869
7544553df62af8e45e908f5ae7a7690d4ede85b56854d4c9cb86d4e192fa94ab
757c960ca00a6ebe5f70a01f16f6d007b7afa89ed9799e38eb1831ab4e561ab8
7b21d44f51b0d9e4ccf30234dbdfb4f881ae98b6bf5c5454920769eecbc109cc
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
7fa098fbde1dd8f8053e4f609e26fd0b6f569cfff3ce1f8fb7f2a8ec888a848a
8250169f5e788cdd39790a85d347bacd84f52f27d17ea9187cf063c2f633296c
82f7f567dd3373038c1fcd9eaed8d030b609164615ead1b68195bf8bd46c515d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fc387460bf7d0354d7068e5edab7c18be6927fd603c1f6f97f294d9c62a82
85b9500541dd5426ebcb25cf8c53527592f12001605deb00005f4049b0edb645
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872c2243a3a89f9f017a6397c835014e0664b82be6540187d5f81f3e028b49f6
87f638e5a186f759201425a733dd4a8fca0ced6f7c1e7cdabdc8413a2d0530fe
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
904cc7c4e1d9895d6f824b2590b62d0f24bb4440eae9ffdd3fc2ddfaf0ccee38
93cfceb9814fd5ab989049bef9838061d1e2448453093a95ea179709ee89eb75
9c4167c9c6ace3be6d46037c808bb0062ddb1be2b293513b52f0d733facfbc9d
9db1d1c06b354247e2ece4380dbe155e43e7727ab219babf30a0f315bc43e29c
9fb7de40e483836cc19cd29de65526ac6d2799f551cbb8d9605d28078e206977
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
a11feac2edff6d483f55354f6da985d0aac66732ee6ee2d55867a9e1b38654be
a1eaab8c8682f4c3cea300b40aa92a09eefb78c126d2b73299cb92dd95c533c1
a38476dcbd8462d7d445bf05b9c97256b865a86f847fbf3fbf543b6f07f06b5f
a39846da715b8e6834b957d5c6aea4bd283da442b0e56e89b2db375e0b848312
a3b907ee6b061a8cd6b007bee5c8546794e9bbba27fa7c0d744bec407b5b7615
a5cef51b0855023a92c51e16bf26a6231b26ffdbcab6f335aa1e38cd0d6c1597
a6b0af6bc7027a520060d17b3dba0fe1b341c5366c863fe32c0db3d10a433da9
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
aa64a4aec31e212ad343ac21d26c41924c81dc63ca30b05a8c53eb2756cb9b60
aa981f57b9f4f27cb54004da1c74bd5c3bd96e05c481a12e64c315ed9670f375
ad54c3d6304bb8e9633c9d2790f7588a9144e5950adca78b0cabcda9cda92457
adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4
b21238fda89ecb91849c46b402e407e45a203b66f2190c3b956b3bda9fec1a9f
b2245126fe88be979d1fccede0c29d3dab91e363e9b684c4135a0864ddb7bfd5
b4d1ff1946ecb45d411e389e00db23400d9b88e7599dc896683bdca1ef9beadb
b51cbf12828a7779649af59cd4f16f4ae2c5bd0e5d59f594bb605e08734de04e
b60531a963aafd353b4e04d81e2c3402d6c4356483f086ef40ca253a585998ba
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b77e839aee33d67ff170eff4e9b2f24dd7346c312d0e982e90f1a5c70911f4bc
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d
bf4eb6049325d3e479c1fbebc35d1b47f399a21cca74ed75bf7e3a4365cddf21
c3cfcb9c36740ffabea8d5e6d4deb3c040834b0b4f4a48d5d91bde7e792039cf
c3f8c3da4430d08cda67d76bb22d139eb22bc7f85fb703e2121163dd2ffac787
c56433b01c5d7a212744d09a96f601232a5f9a34147c927997d9cdffd6cfb097
c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f
c96857083ddc556582862f666dee1d2f385dc810a2bb1681de53d35fe85f41f2
c9b9ed538ccc8dc1ecc2e72eccf3f2e5546365f2e2f8739cfaaaa8c16a25eec7
ca43e39e9c968a87532575c7e281ab3712ccf3b31db24b245682a72f2630ac78
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d299622c8d59bfa5b7e1715e6a8ca049e8b8a35b4ff0aab947da8e0f50fd4e95
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d84ed37229a5ad3424b737517d9700dcc15f4021baa61b76161a198d69cff347
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d89cc44b81086ac7b43f927d4e3da89c6acffc1921e3e116215f0f0af1274776
de889ee17ae3db1ef6265e88e57712c101816f470069300ae222646a8f853c03
dfb1e01b621765c78a051d7744197bdee1e411a436a4445e25067ef83d89df50
e021cf3ee08b725c23a465eda2a33b3f7c8797b9feaaa193dc432fe43f166163
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ed6cc2a13fd1de0a856298c57440fb4c9965bf97cce5081c491d89503712b6
e5c4a6a6cebc10f321441e5307930d1b83e5ec7d1fa261d1926fbb6b608cf11d
e5d6272b39ba6ac3d0ad3eb9a7d81b1bba4aa88bec6e58b6aafc20b8019968e0
e6a7c3f66c7f885e72dbb256feea0dd0acce8f7ca8815a12c2df8c2f105c878b
e7a29f9eb459b59fbc1e10490101b4cb15c707cd43726573b71fa37c3dc1ad4b
e85f2ae34f4130d556d41515cf2f10770c2eec8fe152dea36e8bba1a3ceb9896
ea2eb194f721917932941a998262077a3ede3fc35c39697b552550ddd2a9ed8e
eb1f80a87c1c1aa2321a9f65d1a9c9733f99eb3419cba62b85a545f8286eb650
ed047c222a6fd81a15a8c6a7346d2978743f9582303805d6794f3e1aecad0e89
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c845873bf9ffdbf537568bedd864ac7fc524260c682c88221ebcfe13e3edd5
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f43e48a04f7789be768239b97dcf95f64b941c979cade850e06c16344c50fbdc
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb23fd284365260beb2e303ea5530e146e544e8bc2fa037000d4ce7d76a79e00
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

eastleighvoice.co.ke Open in urlscan Pro 104.21.48.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

242 Requests

79 %HTTPS

0 %IPv6

40 Domains

65 Subdomains

50 IPs

9 Countries

4129 kBTransfer

11219 kBSize

59 Cookies

22 Outgoing links

Page URL History

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eastleighvoice.co.ke Open in urlscan Pro
104.21.48.1 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

79 %
HTTPS

0 %
IPv6

40
Domains

65
Subdomains

50
IPs

9
Countries

4129 kB
Transfer

11219 kB
Size

59
Cookies

242 HTTP transactions
3 data transactions