urlscan.io logo urlscan.io
SecurityTrails logo

www.gazetaexpress.com Open in urlscan Pro
104.28.1.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gazetaexpress.com/
Effective URL: https://www.gazetaexpress.com/
Submission: On May 15 via manual from AL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 9 countries across 34 domains to perform 290 HTTP transactions. The main IP is 104.28.1.182, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.gazetaexpress.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 24th 2018. Valid for: 6 months.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 110 104.28.1.182 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 104.111.242.245 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a03:2880:f01... 32934 (FACEBOOK)
29 208.88.224.28 40824 (WZCOM-US)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 13.32.223.184 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 173.194.76.155 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:31:... 13335 (CLOUDFLAR...)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.133 27281 (QUANTCAST)
1 13.32.223.249 16509 (AMAZON-02)
7 2a03:2880:f11... 32934 (FACEBOOK)
5 213.19.162.51 26667 (RUBICONPR...)
1 2600:9000:20b... 16509 (AMAZON-02)
1 147.75.33.239 54825 (PACKET)
1 2 104.125.24.244 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.177 27281 (QUANTCAST)
1 147.75.80.178 54825 (PACKET)
1 147.75.81.98 54825 (PACKET)
4 19 37.157.2.235 198622 (ADFORM)
2 185.29.134.233 30419 (MEDIAMATH...)
3 213.19.162.47 26667 (RUBICONPR...)
1 185.29.133.58 30419 (MEDIAMATH...)
13 37.157.2.248 198622 (ADFORM)
1 136.243.39.93 24940 (HETZNER-AS)
2 2.18.233.201 16625 (AKAMAI-AS)
3 185.29.133.33 30419 (MEDIAMATH...)
1 136.243.51.216 24940 (HETZNER-AS)
3 23.210.248.82 16625 (AKAMAI-AS)
2 2.18.171.127 16625 (AKAMAI-AS)
1 3 136.243.51.211 24940 (HETZNER-AS)
1 3 136.243.40.159 24940 (HETZNER-AS)
4 8 195.216.249.67 47268 (ZANOX)
2 2 85.10.231.199 24940 (HETZNER-AS)
4 46.18.188.30 60220 (AFFILI)
1 37.157.5.72 198622 (ADFORM)
2 85.214.124.106 6724 (STRATO ST...)
4 8 172.217.18.6 15169 (GOOGLE)
4 46.236.13.147 24931 (DEDIPOWER)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20b... 16509 (AMAZON-02)
2 46.236.12.250 24931 (DEDIPOWER)
2 185.29.135.48 30419 (MEDIAMATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.230.142 16625 (AKAMAI-AS)
1 213.254.244.18 36062 (DOUBLE-VE...)
1 213.254.244.15 36062 (DOUBLE-VE...)
1 213.254.244.12 36062 (DOUBLE-VE...)
290 57
110    104.28.1.182 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gazetaexpress.com
www.gazetaexpress.com
5    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
5    104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
t.teads.tv
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
4    2606:4700::6810:cda5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
onesignal.com
8    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
29    208.88.224.28 (Fort Lauderdale, United States)

ASN40824 (WZCOM-US - WZ Communications Inc., US)
aj1431.online
4    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2606:4700:30::681b:ac79 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
adxbid.me
1    13.32.223.184 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-184.fra56.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
6    173.194.76.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f155.1e100.net
securepubads.g.doubleclick.net
5    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
3    2606:4700:31::681f:4b3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.televizioni.tv
2    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    91.228.74.133 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    13.32.223.249 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-249.fra56.r.cloudfront.net
certify.alexametrics.com
7    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
5    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    2600:9000:20bb:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    147.75.33.239 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-28
static.hotjar.com
2    104.125.24.244 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-125-24-244.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    91.228.74.177 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
1    147.75.80.178 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-25
script.hotjar.com
1    147.75.81.98 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-30
vars.hotjar.com
19    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    185.29.134.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
tags.mathtag.com
3    213.19.162.47 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
beacon-eu-ams3.rubiconproject.com
1    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
tags.mathtag.com
13    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    136.243.39.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.39.243.136.clients.your-server.de
hal9000.redintelligence.net
2    2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    185.29.133.33 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
tags.mathtag.com
1    136.243.51.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.51.243.136.clients.your-server.de
hal9000.redintelligence.net
3    23.210.248.82 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-82.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
cdn3.doubleverify.com
2    2.18.171.127 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-171-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    136.243.51.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.51.243.136.clients.your-server.de
hal900010.redintelligence.net
3    136.243.40.159 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.159.40.243.136.clients.your-server.de
hal900030.redintelligence.net
8    195.216.249.67 (France)

ASN47268 (ZANOX, FR)
ad.zanox.com
2    85.10.231.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-199.clients.your-server.de
pb.media01.eu
4    46.18.188.30 (Germany)

ASN60220 (AFFILI, DE)
banners.webmasterplan.com
1    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    85.214.124.106 (Berlin, Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: h2491987.stratoserver.net
banner.congstar.de
8    172.217.18.6 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra02s19-in-f6.1e100.net
ad.doubleclick.net
8019191.fls.doubleclick.net
4    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
3    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    2600:9000:20bb:c200:9:352d:a240:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
analytics.webgains.io
2    46.236.12.250 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-12-250.servers.dedipower.net
diapi.webgains.com
2    185.29.135.48 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
mathid.mathtag.com
2    2a00:1450:4001:81a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
w-it.m-t.io
1    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    213.254.244.18 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)
tps.doubleverify.com
1    213.254.244.15 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)
tps20229.doubleverify.com
1    213.254.244.12 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)
tps20229.doubleverify.com
Apex Domain
Subdomains		 Transfer
110 gazetaexpress.com
gazetaexpress.com
www.gazetaexpress.com
5 MB
33 adform.net
track.adform.net
s1.adform.net
193 KB
29 aj1431.online
aj1431.online
31 KB
16 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
8019191.fls.doubleclick.net
91 KB
11 rubiconproject.com
fastlane.rubiconproject.com
beacon-eu-ams3.rubiconproject.com
eus.rubiconproject.com
17 KB
10 mathtag.com
tags.mathtag.com
pixel.mathtag.com
mathid.mathtag.com
44 KB
8 zanox.com
ad.zanox.com
4 KB
8 redintelligence.net
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900030.redintelligence.net
12 KB
8 facebook.com
www.facebook.com
staticxx.facebook.com
969 B
7 facebook.net
connect.facebook.net
189 KB
6 webgains.com
track.webgains.com
diapi.webgains.com
30 KB
6 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
tps.doubleverify.com
tps20229.doubleverify.com
66 KB
5 gstatic.com
fonts.gstatic.com
65 KB
5 teads.tv
a.teads.tv
sync.teads.tv
t.teads.tv
183 KB
5 googletagservices.com
www.googletagservices.com
123 KB
4 webmasterplan.com
banners.webmasterplan.com
3 KB
4 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
351 B
4 google-analytics.com
www.google-analytics.com
18 KB
4 onesignal.com
cdn.onesignal.com
onesignal.com
60 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
89 KB
3 televizioni.tv
www.televizioni.tv
3 google.com
adservice.google.com
www.google.com
538 B
3 google.de
adservice.google.de
www.google.de
389 B
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
31 KB
2 m-t.io
w-it.m-t.io
213 B
2 webgains.io
analytics.webgains.io
24 KB
2 congstar.de
banner.congstar.de
2 media01.eu
pb.media01.eu
2 KB
2 scorecardresearch.com
sb.scorecardresearch.com
1 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
6 KB
1 quantcount.com
rules.quantcount.com
336 B
1 alexametrics.com
certify.alexametrics.com
528 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 adxbid.me
adxbid.me
254 KB
290 34
Domain Requested by
109 www.gazetaexpress.com www.gazetaexpress.com
29 aj1431.online www.gazetaexpress.com
aj1431.online
19 track.adform.net 4 redirects www.gazetaexpress.com
s1.adform.net
14 s1.adform.net track.adform.net
s1.adform.net
www.gazetaexpress.com
8 ad.zanox.com 4 redirects hal900010.redintelligence.net
www.gazetaexpress.com
hal900030.redintelligence.net
7 www.facebook.com www.gazetaexpress.com
connect.facebook.net
7 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
6 tags.mathtag.com www.gazetaexpress.com
tags.mathtag.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.gazetaexpress.com
5 fastlane.rubiconproject.com adxbid.me
5 fonts.gstatic.com www.gazetaexpress.com
www.google-analytics.com
s1.adform.net
5 www.googletagservices.com www.gazetaexpress.com
securepubads.g.doubleclick.net
4 8019191.fls.doubleclick.net 2 redirects www.gazetaexpress.com
4 track.webgains.com www.gazetaexpress.com
track.webgains.com
4 ad.doubleclick.net 2 redirects www.gazetaexpress.com
4 banners.webmasterplan.com hal900010.redintelligence.net
banners.webmasterplan.com
hal900030.redintelligence.net
4 www.google-analytics.com 2 redirects www.gazetaexpress.com
3 pagead2.googlesyndication.com www.gazetaexpress.com
3 hal900030.redintelligence.net 1 redirects www.gazetaexpress.com
3 hal900010.redintelligence.net 1 redirects www.gazetaexpress.com
3 eus.rubiconproject.com www.gazetaexpress.com
3 beacon-eu-ams3.rubiconproject.com www.gazetaexpress.com
3 www.televizioni.tv www.gazetaexpress.com
2 tps20229.doubleverify.com cdn.doubleverify.com
2 w-it.m-t.io analytics.webgains.io
2 mathid.mathtag.com www.gazetaexpress.com
2 diapi.webgains.com track.webgains.com
2 analytics.webgains.io track.webgains.com
2 banner.congstar.de banners.webmasterplan.com
2 pb.media01.eu 2 redirects
2 cdn.doubleverify.com tags.mathtag.com
www.gazetaexpress.com
2 pixel.mathtag.com tags.mathtag.com
2 hal9000.redintelligence.net www.gazetaexpress.com
2 t.teads.tv www.gazetaexpress.com
2 sb.scorecardresearch.com 1 redirects www.gazetaexpress.com
2 onesignal.com cdn.onesignal.com
2 www.google.de www.gazetaexpress.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 cdn.onesignal.com www.gazetaexpress.com
cdn.onesignal.com
2 fonts.googleapis.com www.gazetaexpress.com
s1.adform.net
2 a.teads.tv www.gazetaexpress.com
a.teads.tv
1 tps.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 pixel.quantserve.com www.gazetaexpress.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 sync.teads.tv a.teads.tv
1 static.hotjar.com www.gazetaexpress.com
1 staticxx.facebook.com connect.facebook.net
1 rules.quantcount.com secure.quantserve.com
1 certify.alexametrics.com www.gazetaexpress.com
1 secure.quantserve.com www.gazetaexpress.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 adxbid.me ajax.googleapis.com
1 ajax.googleapis.com www.gazetaexpress.com
1 gazetaexpress.com 1 redirects
290 60

This site contains links to these domains. Also see Links.

Domain
www.meshije.com
www.shkabaj.net
Subject Issuer Validity Valid
sni27209.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-24 -
2019-07-02		 6 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
teads.tv
Let's Encrypt Authority X3		 2019-04-17 -
2019-07-16		 3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-22 -
2019-07-31		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
aj1431.online
Let's Encrypt Authority X3		 2019-03-24 -
2019-06-22		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-02-20 -
2020-02-20		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
sni54764.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-02-08 -
2019-08-17		 6 months crt.sh
www.google.de
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
certify.alexametrics.com
Amazon		 2018-08-23 -
2019-09-23		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2018-02-02 -
2019-10-02		 2 years crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2018-01-26 -
2020-04-16		 2 years crt.sh
*.redintelligence.net
Go Daddy Secure Certificate Authority - G2		 2019-03-22 -
2020-03-22		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-04-25		 a year crt.sh
*.doubleverify.com
DigiCert ECC Secure Server CA		 2019-01-22 -
2020-01-22		 a year crt.sh
ad.zanox.com
Thawte RSA CA 2018		 2018-01-03 -
2019-06-26		 a year crt.sh
banners.webmasterplan.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-02-21 -
2020-02-22		 2 years crt.sh
*.congstar.de
COMODO RSA Organization Validation Secure Server CA		 2017-10-24 -
2021-01-21		 3 years crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.webgains.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-18 -
2019-06-09		 a year crt.sh
*.webgains.io
Amazon		 2019-05-08 -
2020-06-08		 a year crt.sh
w-it.m-t.io
Let's Encrypt Authority X3		 2019-04-14 -
2019-07-13		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://www.gazetaexpress.com/
Frame ID: 4665C2E1C8C536E76287CA9B8DF2F97A
Requests: 176 HTTP requests in this frame

Frame: https://www.televizioni.tv/embed/9ep7L5nMpOm8NMP?feature=oembed
Frame ID: 331CBA1BB524A890A2E7809FBF8C54A7
Requests: 1 HTTP requests in this frame

Frame: https://www.televizioni.tv/embed/YOQc6RsR7pKXul4?feature=oembed
Frame ID: 2B2C00AED6C85AB6D456F0CC31687DC7
Requests: 1 HTTP requests in this frame

Frame: https://www.televizioni.tv/embed/HlgIhi1s7Iwc5Np?feature=oembed
Frame ID: 3C55258F99E93E05CF78A26A0F45C6C2
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: FF1ACF8D265E5482688ED040AB516D8A
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 3304A52D3612B6F6DC7E11A8481C80E9
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zFUCxkZZswo1Nj0bhstRwnqt8UDhglEp2lDgtun9PAqAdjDVedLacDVjB2uxVavhe2ax3vK3ixN9OFEV-nxVdmZfgORvHRMz1-Z4WDtMJxwLMBvrsxQ2vPvDPb1WWB1pQklrSVUjylJz2cSSwCpzzo1gFneUjo8VQV4IYWfkCgv1XBRsr1bLO7QLy5hR_8I83kJrlXEjYbpusdarsBc4aWUyrykXmVoAE6tMWSGljcm6ryQy9SXaHkdUqZ_tMGPJLw3y3X2QZILO2Z0TJCso7v9oga3y5wq9M2L4_UHwAidYRSFiH3vmzFixqOC1e2q2ASXw?DC=WZ
Frame ID: 7DC2A611A5FBA85B6E54370C40456048
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zScPTgZK-gIYsXaB2bnQyceXfeIzTg20migOSmybGYWy5qSRI69i8GvX2qqmkSWybQ7Lg97FdgCC6gwrnw1UguAkcF_spBvWS_dI3g6wAh0-iuyCg253Z9Tosq3AO0pMnHzryjJpJ5gQQG8aESwE7640A61XYscnF_H8yp_-YlplrpsGyKJXlRmcE0-qzblueniQVNZrYVn4oivwjras-5KOiQl3dfNCKJST6W7Osjy28Dq5FoEnKrZOMiUKNvg36S1Uqe9aBkKageHfCC-j9NsxzY5_HyTX557tfEU8QrZBDuBuuCOtDZw9KoYvJHLrDEJk?DC=WZ
Frame ID: F56FB41DD98FA33355274BA192AC4D06
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6B3FDC9F3234DB8860F25CBCF8306670
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: E75DCA716F6B7BD4A543015FFD8EA863
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdteUHySmqQe_cXpdU_bFiR6D1QyjdkTos9oPU4ex8MrXk_qa8Ey7Hz2GAmZfINCr_R-zgsLL8VoygTVUGN38Iz0IZtP5DlmHQsntAau4bahQtym9_UlYENiJA8iMVJ_NKuGrdctED29VI016y-GUq-csZZjjc1_OIPIEuKP8npwKDgH2EXgEl_yamgQVBcN1OSZYCe3Gsn2qIK68BYt6NsXC1beRLAIIeYqcIIZWRX7SI3twHi9c8R1gSyGQ8_5-Taq7vTWATVn2fJyCydxPl93g7Tk5qx5Lw4w&sai=AMfl-YR2jTQIQTfnxA9CylRTWRJqp-Wb-xXQvq1nBtbGdPLc0SYHnmz3maUnmbIW_R2jlwwT7BxUcNbFiHDcf0dNmkq1KgAZmMRHPGX_O20G2w&sig=Cg0ArKJSzCAncNMck5FfEAE&urlfix=1&adurl=
Frame ID: 10239782869D4496171BA2CA758416AB
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV2_joxxDF8_WYYyHxI1KRC3tsyzV4YJM7_OW-Buq7aFv2SUAf6PptcyrO9pylFdEfuqFBKQV5pVp33PU_1426fs8BZ6dZ7AQ6TNB9SyzwHDg3-alROSUgq412ibVw6MYneaEu49TWEX1SfQfTbQ98H4JBuQCXS6FNgNTydUFcJglEKj0R9AWSv-7p6JeNTFwiEO9wPYDZO1F2N-SJehoJYFOngGeaiGDUGda3TjvpLnWz7pdODOujLafoUhJZVPTQKEHid6aOAiiyMcM7MOcQK3dWMkF5QkZw1Wh9YKha2Qw&sai=AMfl-YTRtuHHP81vw6yxC7ZCrAb6Qoew-sE11xePwNdO5DWW4nGppZUSy5pk9YG26HMg3xL2h9e24nu0539wBCajIdZm_2NwUaA2lmZmduh28A&sig=Cg0ArKJSzKPLV-zmA0_NEAE&urlfix=1&adurl=
Frame ID: 359A8256BF28CE5A55A5913299C06BD5
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvibClsMlCs9YlIcIsV5YhHyf3jfxuodj-5NwlIi10LYLVuJLz-8Jhp8DiLOXVuZFswOC1k8FsQ_K3WxbY-QkAKffkO-qI4N6X8WXHBmiY_TWa3HutVoeE3gKia0RKz_9AhwIrFJCRwuz8E-BWC1OEj_SIscwGASe6NpOjP_po1f0ioJ_ImK019SVmTk6Ro27x-431l_1sRK_MSNDdDfjDcelcUf7-fXcbfis-R_y9_mL3b-MC7zALJ-_10Ztrv4fb5LpmW0i1HkX0AjStYp7dM6zorK6IAvwZ5&sai=AMfl-YQD2XmPbXZj5yk7FEHt2ofqjviyzl_ipMaNEyTcm-KNVtjbROBQtVbyUAFB2SzYTIqAp1fMqxDlzeVF7uV3I_iYwC8FtESXcQ3KClCoBg&sig=Cg0ArKJSzEvbkxPBhZ2lEAE&urlfix=1&adurl=
Frame ID: 025D553AC58CBECA64874BADCCAAB61B
Requests: 21 HTTP requests in this frame

Frame: https://aj1431.online/z90lKdJQ6c_EcxK3nd1ey1hsUpOqhx6Yz3vX_rtWuJTGRzkGmI8fVi8ORnsH2pyM140IyLvQbG4e54yuRotSOaYt_etzNMhmhCinSkQNkfKRknKgj9wa1ye85-Xvq8NNeaNCPN6lax2Z99Pi4AytDKXXukfF-0kOd8_0519Gsi7EJfpj9svCyJPATG8pgnZsSpVT1x_hlYjp6C8KnH66EMaPAwiiB4tljMewRPt84Dyoc1OFdW_uRqBNO_G1Z27--VypNKwO3_FtEFk2kh88sltTrLJnPs3Bwx9BzqLEbEL_0UoXUKJoZn2_ISxNO-DyI_cg?DC=WZ
Frame ID: DFC625A54F864CEFBF8D7070EC89FDE6
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zAKvR0Y6oICCWXNRlwW-0DAanfsY5p6iunPSBDD8gaYC2-t1bmfH4IJnXfQVUd_I9CIExDS_-IPd6jUetAaeqpAjhTFxCA5R-ocB5i0ioCBOLlZrH_vRfuigouag32J9s2mR3jUETCc4xM0ap-vo_h8n7FXqVTsM9rmOgOj-b-uNbDBbRm9ZbiEvbC3w7FekvweTrUuFGNhjsL1SeQ64_JGQwlhKivVTkdtoRS9zXJr8zFFdJ1ZkPtpAOOgTq4yhb29kpQpjJyuJd7rMvwbau-E59efqcguquTKT4SZ7qp3yB0uhu2CtmHHC8wrbm4VahX5Q?DC=WZ
Frame ID: D90A7A8325043DBC07F65428FF4DC5A7
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zt1TNtcAfNaRTKdGGI1hCE_kry_v_XbblMKCKa_XTBUdEle-KnOZ3u69H5R9TrpCC7azoI3fbjvrDIYMG0btOio5tr3Re7m9woJxBANKGOcTVfhSAPwRiadijka_jE3-HLLyPGjUr5Kg9mpzSSDeBjF4x5MnapT0ul5NzjkiGV2gH3vKSWwG2SXm09kZ1PiHQO5lsRCyujFMhnuR_cwVl_07iNuhX1ZXb1ztmnB76sxMf4ElIoRiXEYtq0rPprNpSV_LoJCat0t2oVRZdkJBD_OadBHawcBZQP5W2FmOdfv0gIh1DoxnzmjABzMwvyJUj7E7y?DC=WZ
Frame ID: 35A55EBD397475F0D2A725988EC5BB6F
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/z-IcjiDQLWdh_JThzWLfdc2TPdszC8nKLauXBBeuPt1xXYYyOrV8tkKv-mKFusJ_jwJ1e6MMBOEAMSsZIcSb_wZuL5iOY-PhXd6XLk8MQvnPaEmVZYnfsaF5euNkfmBeti4mA1ySAjr5KQToy-9C0qu09X4kfO8mDX0q8zKuwbMk0XOMVRZl9WdOAFXxqpI30fk6VUTElROJ6P_ouDiBJVbxUyDgPO-wUeR7cPTCR_gi4F6wfHEeZWWpxsI4ymFvRHc-u9mSU7Xtv8BqyDop7EtTNK0OQebZugYDVGYfaxJomMtW40v3TGD34Pwrq1Ta86M_h?DC=WZ
Frame ID: 85B5105D916851824501964222A3B6B3
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zqZpiD2_SivSqYaLlY7UfC7Tt--AwHWyLpU9sLGjj_JVNRJQna_m96OlO4xHbCZhkg1i_vr0jIpIT68z4FAw5CBLIU5UaKO5l_-PN56pUw-2VHqMXo_iBsisNTTxqZLJ9dKKDeVKS658rJLP6ldjY2gj4W1lKCW4oDB3fsJEtWGX8s6hVCTLQwAAlaz2Tu4N2FyxuCpvKpjwvqyTNbJBHnH1WbH4903rc3uDsdM1AajMWoTLQszTNQ8d3iq1UB2q5LKE5xGopE6skf5JXu1u3XY5Gs703m0fwUf_NyDXAqSTXYJ9jPkhwL0yBocRDiCdhmTCP?DC=WZ
Frame ID: E4030E86A4D7E8DAB27414A4470A4CB6
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/z-jBZz2psk0FijCilOW1HTPSCnIY0TvzvvDVitHTCYFJfNFBnpxZIkXleXjl4OBq3NoD25_-MjfRdL79IxtwtVRWcMNSpyt5cQqrRBqaUjO-c70ndTUfHCA_sUY7cQtjlw1isrk3NkvQlnze5YQ-ai5YjXPblwdUvAOZ8HDSC8S5wrKPs7W662E25xfA5AlTu2GZmHBd0oCtdaehDTYKIXwgkARdXN8RrvIpkCGA0oasvzRPB0w2QbIosgAyMbxaNQJZKyhu1FURQUO8Xjx3BOcrmS7BfCOCDXVv0MAt4qjrZyoHgIa3G_OSfnbnM7-3SHDg?DC=WZ
Frame ID: 737336597AB7FCFCB788B7C48AACD62B
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zgJf8X3r2n4sLM9OeZxQeRUt-jxvC4a614IMBghbBJw-h4OM8ftX3_YoAszWMnJOXSCwqLupD-EJaN_aCwploj3rWjPC4kUG5b1BUqjIkw4O1X_2g_7ayoMxztMa_-9FXUK3fjbILabQYlmIR10bgKWIuE9lcg2KcsYgQJCZfLuVj8PpzaaUGYUEjMfqEq3abbOUKaD36SemVfxuQpeN26BoRxdAUZe-2ah78PHr7H_wOh1GV27kvNI3O1Oy5ajrH0l3kwm8gRQ-N6mnmbSpzhXK7qs6pzxoCmC12JJe31-xGhpunJbWjQljjoQ_DqRdWLo6u?DC=WZ
Frame ID: 58385863123BF9A6A44A303E477728CA
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zJGCSvOkvQQwUbbrnK3uhJ_zVJNnQ3P3BBnGD_XnjCxlytTOjsyhrD6DZF0X-6JAtdlOrOlHtNCCruFMPkBZ-4Zq7u_0R3wPOiMagYMyvnUqd3RU27NML5e3_XQF5cqNpPHunReL8VIN-_tqUfQHWzYzt9gxSs0uXxjiSRz5nOXmOSL7fj6tIxzuNnipt8Zkgi8O5AUBNjfW8v7VHybpqCeEP8cmCXABvu4HLoHD1dVpl7vTOsugYEwPLvIraf8cs0hVVa3dVeznaA3Yo2Poh5Ign4zIdB7MCZAsKQfigvaUaoPjain_Oh2ZL6lDrfR2vpCo?DC=WZ
Frame ID: C9FE3A2BD851B2352F3C1B0A0CED0C8A
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zm7nTb05yPygr0wznsHHNFJjWK5f0a7Zj42j-Kfw2LFlncxAecTGRlARYFvhUwEv_zOQT-yFCDSaO6bfBS8j8UyMeMAi1tGLdE7Dd9h8E7KpMn6e6eVxUSPHZ8ItXbIJUt3OxY6o8-O0ed4gVZFNafTv_CWN2wTQxQ1WbnU9uTndfC3jwNqtgKsC32FtzjjcFEHfirg4cycW5Ijq_zdJN-W5oycK4T6M3AOF4muAnxeg8V_wYlK0ENOood-sYD4Yre_OZQCrhxdnGfgbpyLPazAQaul2X_CHop28njpg6rWeKL_WrQbkr5i_Wg8wqcFjiqsc?DC=WZ
Frame ID: 1A6011542BBE1158D545B45360A8B7B5
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zLcvfPmDqYUMMDhftIpRsbFnvycqAWD3xT1yhcipGEkJerG6Ly25YFect8MDEw4uduNAjD4r8rg68LfFLOLFWfVVwywLsFW6qOrWEMzSAACaZvyi1moVeAbCTh92mAnrWnk8yMJwtBoMYTQMYik8g5eO_81Q6Gbso1hNOQjppi5HMvHFhrpVMcO9Rf8H3dfA2IJHTXC71mU4UeKugXZxC_lfcXTMiPh6wHKUHjQc6x9T6UOetcEZb4D1y_4768o9SBoH4bMFiS7YbuMHNZOs36FLA9qmKzqtIgOjYDiMXQkjWRHvgMenmuRB-tnwYydkAbz0?DC=WZ
Frame ID: 435E829E90FEED5E076B3AA7E71F6079
Requests: 1 HTTP requests in this frame

Frame: https://aj1431.online/zyvWmf7kpH9InEahXejUMnUxFSPVykbIdvFSlve--UVKSwyxIR1TFPXd-qtpGvCCDhzaG1o1OCucnuTUgv40HWLAKnL5_W2g2wELN10s1kYII4HzXADrN86rLE47ddBgE3nNS58eFe_k7nrUBVcuinV597N-ozz5Hqu5jJHO3mZMg_oqP-Etappc5Xn4nlCDIKlvqBO1SglaE7vd9X1AwMUQtDe8HKvdaecotjfrZVlhoCqCc2CP1gfk3esflqn6zoCXFxfKO7qc8vKD3u1lFyeEFXIxqWD1Bu9dqUr_aC7f0cpDW8rw61giQMJ3bqAZrgWZA?DC=WZ
Frame ID: 8AA93793BE9FD25C6623E14EC582D727
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E60A9CE7CE0708056ACE5B8BDCA567F2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 155B8F83BC067BABF4E6C8C98E0F1ED3
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/255033/6086410/6086410.js?ADFassetID=6086410&bv=513
Frame ID: 603B2518BF3F7D5134BE9AF012761CFF
Requests: 19 HTTP requests in this frame

Frame: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dyn_id=
Frame ID: A0A328359A716A201A00A264CE24B467
Requests: 1 HTTP requests in this frame

Frame: https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=69956000199412700951459010864010&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Frame ID: B2BE0A7570913EB7BF90DE9180BBF10A
Requests: 1 HTTP requests in this frame

Frame: https://banner.congstar.de/cookie?afid=203506-69956000199412700951459010864010&affmt=1&affmn=1249
Frame ID: E319665EC6D92C1BCE41B26B6BF45E5A
Requests: 1 HTTP requests in this frame

Frame: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dyn_id=
Frame ID: 5778A8ECFD5D025014E08DE0B0427901
Requests: 1 HTTP requests in this frame

Frame: https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=86603400253640500951453010864030&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Frame ID: 591E3BA800E7974DFB585D774EEEC4BD
Requests: 1 HTTP requests in this frame

Frame: https://banner.congstar.de/cookie?afid=203506-86603400253640500951453010864030&affmt=1&affmn=1249
Frame ID: 5D89F96040A88C5AAAB955340CB68D0C
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312
Frame ID: 42FDDB45C40DC699E3C1D39F1316AAA4
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=69956000199412700951459010864010&a=69689ce6
Frame ID: 191213BD00A841FFE02DEE64488849D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: B1E41716BDEBF1EEABD9EFC18D42E3CD
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75
Frame ID: 4840256203096698522964379D6B02D7
Requests: 1 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=86603400253640500951453010864030&a=b6851908
Frame ID: 90F4E1688BACE213188179C6C73E6E47
Requests: 1 HTTP requests in this frame

Frame: https://onesignal.com/webPushAnalytics
Frame ID: 751F596A79CB65D1104D3E6978D0D60B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements264.js
Frame ID: 3A2DA135380F39B93EDC31704287CFD9
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: B4EFA55D4D11F4D2FCA83CF79D0F9BAA
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: F6351A1AF8B6028E02FBB529EA9C7AB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://gazetaexpress.com/ HTTP 301
    https://www.gazetaexpress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • env /pbjs/i
  • env /PREBID_TIMEOUT/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

290
Requests

100 %
HTTPS

34 %
IPv6

34
Domains

60
Subdomains

57
IPs

9
Countries

6307 kB
Transfer

9311 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gazetaexpress.com/ HTTP 301
    https://www.gazetaexpress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=802838&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IGBACEABB~&jid=1373316973&gjid=809892&cid=1714868668.1557945472&tid=UA-6427330-1&_gid=1825746949.1557945472&_r=1&z=1548913824 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_gid=1825746949.1557945472&gjid=809892&_v=j75&z=1548913824 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_v=j75&z=1548913824 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_v=j75&z=1548913824&slf_rd=1&random=1875565810
Request Chain 154
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557945473311&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=47900613&cs_ucfr=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557945473311&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=47900613&cs_ucfr=1
Request Chain 218
  • https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=4334637776880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=4334637776880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 220
  • https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=7705974497410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=7705974497410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 235
  • https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=69956000199412700951459010864010 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dt_subid2=&actionid=879111&produktid=postbankratenkredit&dt_url=https%3A%2F%2Fad.zanox.com%2Fppv%2Fimages%2Fonepixel.gif%3Ffoo%3D45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197 HTTP 301
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dyn_id=
Request Chain 237
  • https://ad.zanox.com/ppv/?45475836C666538628&zpar0=69956000199412700951459010864010 HTTP 302
  • https://ad.zanox.com/ppv/images/onepixel.gif
Request Chain 238
  • https://track.adform.net/banners/Elements/Files/255033/5831965.jpg?assetID=5831965&av=1 HTTP 302
  • https://s1.adform.net/banners/Elements/Files/255033/5831965.jpg?assetID=5831965&av=1?assetID=5831965&av=1
Request Chain 239
  • https://track.adform.net/banners/Elements/Files/255033/5803807.jpg?assetID=5803807&av=1 HTTP 302
  • https://s1.adform.net/banners/Elements/Files/255033/5803807.jpg?assetID=5803807&av=1?assetID=5803807&av=1
Request Chain 240
  • https://track.adform.net/banners/Elements/Files/255033/6085645.jpg?assetID=6085645&av=1 HTTP 302
  • https://s1.adform.net/banners/Elements/Files/255033/6085645.jpg?assetID=6085645&av=1?assetID=6085645&av=1
Request Chain 241
  • https://track.adform.net/banners/Elements/Files/255033/5803798.jpg?assetID=5803798&av=1 HTTP 302
  • https://s1.adform.net/banners/Elements/Files/255033/5803798.jpg?assetID=5803798&av=1?assetID=5803798&av=1
Request Chain 247
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=; HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CJrOspWXnuICFYRx4AodEPgB6Q;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
Request Chain 250
  • https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=86603400253640500951453010864030 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dt_subid2=&actionid=879111&produktid=postbankratenkredit&dt_url=https%3A%2F%2Fad.zanox.com%2Fppv%2Fimages%2Fonepixel.gif%3Ffoo%3D45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883 HTTP 301
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dyn_id=
Request Chain 252
  • https://ad.zanox.com/ppv/?45475836C666538628&zpar0=86603400253640500951453010864030 HTTP 302
  • https://ad.zanox.com/ppv/images/onepixel.gif
Request Chain 255
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=; HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CLPQspWXnuICFUiuewodk2AKGg;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
Request Chain 262
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312
Request Chain 271
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75
Request Chain 295
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=802838&t=event&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=unbounce&ea=15_sec&_u=KGBACEABB~&jid=1744303838&gjid=1261576312&cid=1714868668.1557945472&tid=UA-6427330-1&_gid=1825746949.1557945472&_r=1&z=1508245162 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_gid=1825746949.1557945472&gjid=1261576312&_v=j75&z=1508245162 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_v=j75&z=1508245162 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_v=j75&z=1508245162&slf_rd=1&random=231648198

290 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gazetaexpress.com/
Redirect Chain
  • http://gazetaexpress.com/
  • https://www.gazetaexpress.com/
76 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03a4067da94b34c2ce0f636b355e7475d3174f1a82f04c421cbdc87035527be8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.gazetaexpress.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
__cfduid=deafc86d611bb0b81c5825714413f6d331557945471
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 15 May 2019 18:37:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security
max-age=63072000; includeSubdomains
x-frame-options
DENY
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d7739c0bf36ce57-LHR
content-encoding
br

Redirect headers

Date
Wed, 15 May 2019 18:37:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=deafc86d611bb0b81c5825714413f6d331557945471; expires=Thu, 14-May-20 18:37:51 GMT; path=/; domain=.gazetaexpress.com; HttpOnly
Location
https://www.gazetaexpress.com/
Server
cloudflare
CF-RAY
4d7739bf7821c843-AMS
xwTOH3RFkNwSDdIZdwfdQSyRqQA.js
www.gazetaexpress.com/cdn-cgi/apps/head/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/head/xwTOH3RFkNwSDdIZdwfdQSyRqQA.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b7d0bdbe3b31c3d6127bcd5dc246970fa7d6f8a1ef2584b580e4564308f3d4a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
55A19A4D34362AB2
cf-ray
4d7739c128f9ce57-LHR
status
200
x-amz-id-2
6Y6Lej7Jw6Bw+ptZM6HRnVLK4AnZgz9U/SkUWWey8ofd/jhbeje2avkbpVMcqRv6yziBX+Ry9PU=
last-modified
Wed, 17 Apr 2019 14:41:42 GMT
server
cloudflare
etag
W/"511f73a09413b8b22fc36d6df0c27f4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
BUjW9WkwtyXRSv.DrPJgZ6.tXDBhFNDf
cache-control
public, max-age=31536000
content-type
application/javascript; charset=utf-8
expires
Thu, 14 May 2020 18:37:52 GMT
gpt.js
www.googletagservices.com/tag/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3e8dadf2162e744a31d12d4935c7986dbc5c519a6829807c7582411c7972dc6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"167 / 730 of 1000 / last-modified: 1557857174"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10550
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 23:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5771211
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30399
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 23:31:01 GMT
tag
a.teads.tv/page/76285/ 		759 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a6d51a72eff53d8bd13f20cf23903da3ee162352d4ebc21708dce54a9145171

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
467
expires
Wed, 15 May 2019 19:37:52 GMT
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2019 23:51:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c128f0ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
front-end-gutenberg.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/css/ 		30 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/css/front-end-gutenberg.css?ver=2.1.3
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c5366afdf3ba24bab6ab70930d9d4ef41c920d9858d239a717dec6ed913748

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Mar 2019 12:54:31 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c128f6ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
css
fonts.googleapis.com/ 		15 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
f924a44a0606899cde6a3bd78d807bafedb18d70de09dc9de78337cb1e112ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 May 2019 18:37:52 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 15 May 2019 18:37:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:52 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/css/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/css/bootstrap.min.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02757d53179a86b474d0a406b1eaaf1ff53cc755be7d5ba9586adafa8ec3a621

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c128fcce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery.fancybox.min.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/jquery.fancybox.min.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c12900ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery.bxslider.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/ 		3 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/jquery.bxslider.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce314178842e6606a8ff7626000deca961d99324be36eceba70a8df5f8f21c40

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:33 GMT
server
cloudflare
cf-polished
origSize=4112
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c12906ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
font-awesome.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/font-awesome.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Mar 2019 21:35:54 GMT
server
cloudflare
cf-polished
origSize=37414
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c1290bce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
style.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68ac06bf066af8b878c4ccb260f74a474c1f2b500843c38f18991880cd0fc133

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:28:50 GMT
server
cloudflare
cf-polished
origSize=23191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c1290dce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
facets.min.css
www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/css/ 		789 B
306 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/css/facets.min.css?ver=2.8.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Feb 2019 13:02:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c12915ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2019 23:51:09 GMT
server
cloudflare
cf-polished
origSize=97183
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c1391ace57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c159aace57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery-1.12.4.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/jquery-1.12.4.min.js?ver=1.0.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c159abce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery.easing.1.3.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		4 KB
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/jquery.easing.1.3.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:35 GMT
server
cloudflare
cf-polished
origSize=8097
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c159b0ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"a5067802576549b3e0627521f03ee508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
4d7739c25e96beec-FRA
expires
Thu, 16 May 2019 06:37:52 GMT
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5951ce792cc6e9a3a05f3e0df73abdcfc07d5887b348ceb19663915eb09f9006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+LvPaV5bsi90ndKdjVdiiA==
status
200
date
Wed, 15 May 2019 18:37:52 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
QqBmYtZQs2YmTk8d5cUOzfTJ1DlQcYBETyFEOXT7ohg8UvhkuQ5WKQcBmVFwGQmTXzGKlSwgSLFHh+8sKMH0dg==
x-fb-content-md5
4826f134a316ea7a63a8f9787d272ddc
etag
"cbf9084120660459db04d08dbc77f1f4"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 May 2019 18:56:08 GMT
041528fb.js
aj1431.online/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/041528fb.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
3562754cfd8e62c8965cd24016fb150a0bcb7ecae9a4ec9e5391af0a4b733de2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:52 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Accept-Ranges
bytes
ETag
"080e482d53f020535ab786d8d45122ff3"
Transfer-Encoding
chunked
Content-Type
application/javascript
ks-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/ks-flag.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1194c1d29ca7cd11f79be59b08fdca876dbed47faf13c6932ec89e338c9c607a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Oct 2014 06:23:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cb2ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
al-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/al-flag.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5057f8b1ced4dc7f9cd6dcad22abdf06e0dd16de9a9d6ad47e6f1bb2e0cf9a7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2017 23:56:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cb6ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
mk-flag.png
www.gazetaexpress.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/mk-flag.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80ed123fc6e616e3595c2172616add173dfb5085f72f4811f10bb45c35c1c1e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2017 23:56:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cb8ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
en-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/en-flag.png?12
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe33dcc2df517cdd648947e2d644014e8dc13b42813314b7022c430420f24aa

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2017 12:24:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cb9ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
logo.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d860bcd49cc302f2ac6948ce99b714152920b39d660a72c82b75aff600967d03

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cbece57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
logo4.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo4.png?v=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:29:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cc2ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
thaci-5-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/thaci-5-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea976853e907344799ed51bd389bc9c4ac5424229940dae2059609122d1c49e9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2019 15:07:18 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c23cc8ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
140925105348-isis-fighter-al-hayat-story-top-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/140925105348-isis-fighter-al-hayat-story-top-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48f40d7f52d88cc2349b67c3b22ff5a6c6d8d2e1c0bfc99744903a54a18d2ac

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 16:08:51 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c23ccace57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
blerim-devolli-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/blerim-devolli-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12cf3dd6103c779b34431b447b264f65a4f018b595680860665f8de4d7dc805

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 27 Apr 2019 14:48:15 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c23ccbce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
kvv-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/kvv-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cd2e0dd5e3f998d14b12c06c8b1e6c0733948dc246acec8f0d1bb3bee09837

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 16:49:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23ccece57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
g-22-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/g-22-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe38d5b89ef54e131abf25809591aa3e79e24e251668fa05d132be6d3dffa2d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 17:54:22 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c23cd0ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
griezmann-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/griezmann-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8021fecdab345cf01a8d718d430c65e2edfc4810d695b0e86a07c51d938318

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 10 May 2019 14:42:26 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c23cd2ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
dtj-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/dtj-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cf60738b97471e0ab4f6e5b45657d41fedf2cebc10f03ec97707af21fd562e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:30:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c23cd6ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
vera-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/vera-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2451cbbae23363bc97b8906239c8878c78fb49ad616cb76583ed360e9a3359

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 16:49:05 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27d97ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
Screenshot_14-3-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Screenshot_14-3-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76caefb6105868f41285c84dfdccc569c2b925eead4b0c83c1664e64f36f3c27

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 16:24:17 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27d9bce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
vv-1-565x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/vv-1-565x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d5e19195c0e2b60e02c87bf16d2f2694a463ead3f5a11b94d34fb52adcbbf6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 17:19:30 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27d9ece57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
arusha-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/arusha-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13e91c5cf50a4d83bc2e1dc037bfb130fe3e7cd98667cc5d9a20a9ad2521490

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Mon, 13 May 2019 14:33:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27da0ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
viag-600x340.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/viag-600x340.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c63bbb1368c4f8b62a1635a084c5ebd43758c986377f96938657a9e5b781916

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:35:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27da1ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
berber-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/berber-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd261b6957acfd97efee8ee734e6b1f009e698bd3da81f80bf956e189bbdb98

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:04:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27da2ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
sulltanesha-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/sulltanesha-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6739213c11c4433ffb46bd1b0cdf5a7cd1285686ff3535faaf7a6c5d05a84fff

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:22:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27da5ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
t7.png
www.gazetaexpress.com/public/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/t7.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d8123861eb05f843af822d875f255d2578965d0974366b191ed99c2b09a24a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2019 14:02:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27da9ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
60316576_1100968683360921_3937027680783826944_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60316576_1100968683360921_3937027680783826944_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b56c94e53abed5a1af64fc155a8ffa9b168a77b09ce99211fe1e0ee984a239

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 18:34:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27daace57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
auto_PTK-Blera-600x3601557004181-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/auto_PTK-Blera-600x3601557004181-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99568e144b99fdd2cdea9ac68b42a4529c374bf66c76a2ce6316d6fcae9f7e6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 18:20:55 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27dadce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
60182781_414514319369466_4824597726362599424_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60182781_414514319369466_4824597726362599424_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1c6eec2061070da3cf8ae92b8aa24ce2a71e7c7611798bf82143b40cad4f04

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 18:03:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dafce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
ww-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/ww-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58dd0575910660a13614e0ff2888eccd47437a76d0beed505213ed7e32b5fe10

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 18:14:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27db2ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
shkolla-750x450-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/shkolla-750x450-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b524ef743f726d914b5e98164aaa48fbffbd8cbbe759ce853d8da60db829cf8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 17:52:03 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27db4ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
auto_raporti1539096386-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/auto_raporti1539096386-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57b3ce8ed2d89b2a77f885a34a1fecfd6a31d9240b530151775e6a1b3e91004

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:38:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27db6ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
60333454_1013108358894010_7535402391483449344_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60333454_1013108358894010_7535402391483449344_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
432da0ed9cd2e04961f652c72488fc3f2eb637afa80479ccf2ec8f3da86ccb8c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 13:46:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dbbce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Besa-Shahini-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Besa-Shahini-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bafed08690cb63ae563770e414d8ef556140ccd1e0fe7a4e4f74b5e40283acee

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 14:23:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dbcce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
1555765863_moti-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/1555765863_moti-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b20815ace6a0f0669b19892ba52f6d02e26a5d9e1009fd673ef002c051540e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Sat, 20 Apr 2019 13:16:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dbece57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
60357195_845051025847929_9145906739688767488_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60357195_845051025847929_9145906739688767488_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
38db26e255f6ee8f7397119c04176c448b2735ebb7a53e252eb31914f5a61150

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 13:46:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dbfce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
IMG-20190514-WA0002-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/IMG-20190514-WA0002-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e74e3a9657c0a6ff7a87f56cd2ae719f830f3b5ea7fe4574c87608961d572a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 13:32:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dc1ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
60201675_446569422584341_2832535261039034368_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60201675_446569422584341_2832535261039034368_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca2b40a2735a0e2fd0af9a752b8ae8e9142b868cbbaee9738dd68a0cc877755

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 15:20:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dc5ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
58374252_395721157679818_7231692248822317056_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/58374252_395721157679818_7231692248822317056_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b5cde382fb2f8624f610cf7211ff8281e4cec9c5d8074d854883d093aafa5c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 16:36:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dc9ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Thaci-A1-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Thaci-A1-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b18a3d8a7f8f3d5b227d41b12eb99900ddfa9db9caaaa440a5c31925301c38

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 16:26:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dd0ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
45847202-400994793769530-6862462354290900992-n_1541930010-1204137-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/45847202-400994793769530-6862462354290900992-n_1541930010-1204137-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41661188c71fce6074437b718b165dcdda71a1b3c13fb37baae5fcbec4cee044

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 14:15:58 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27dd2ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
1505935591ramaaa-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/1505935591ramaaa-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4aa84f81af3d2c5825af09fe1669b77826a3fd47db2f1fb0fac9f0735c31292

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 14:41:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dd6ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
bb-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/bb-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ad26ecc0860de179124f6e21fe1b62317dfa547ea6b8198be43f44f74f457b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2019 21:47:28 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27dd8ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
lb-1.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/lb-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
885ab5ccb6b8f0454f3bb87da81e7f73a3c59aa8721a46fe40d50f188cf6b9d4

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Mon, 13 May 2019 15:30:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dddce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
wark-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/wark-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36391377210d6e611d00f472a923ae2c0d33252a07870fbf5c0f4b2aa1986be

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 11:44:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27de0ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Diplomati-gjerman-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Diplomati-gjerman-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5f234ec2b5f42deb25922bbde9907d366af612a5e78286bc71df8291e3db3b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 11 May 2019 15:38:21 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27de6ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
jose-mourinho-pep-guardiola_1bpc67r5l5f581w5a2erjuguzp-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/jose-mourinho-pep-guardiola_1bpc67r5l5f581w5a2erjuguzp-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
423d00aa4846af61550ecc11ad4b2e9d50eec715e71390d32eae6718e534df45

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 12:56:31 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27debce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
56334809_384792268776830_6014348554125150061_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/56334809_384792268776830_6014348554125150061_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddde751d6dced6af80948d5cb2eba1e00c66531b0db1cecb36905ca55e6fb9d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2019 15:08:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27deece57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Lionel-Messi-Sergio-Aguero-Football365-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Lionel-Messi-Sergio-Aguero-Football365-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
73758578eff89c10616b21b1da4b0108fe1817b6fda9af10e39cf8a0c0437275

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2019 21:17:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27df1ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
pep-guardiola-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/pep-guardiola-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0c338c776f52e7ea09968cca28b062f2f4e23048f88e25580dc9902de74eee

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 26 Apr 2019 06:10:29 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27df5ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
griezmann-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/griezmann-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
37eceecac6c6c38ccd29f901bdfba73dddd67ef7e4755a1b7a6c99bb74ea9b56

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Fri, 10 May 2019 09:17:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27dffce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
roze.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/roze.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90d0cded9720b6d4c487472776555df0db4914ba5bb91fead64cc826bc2d854

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e07ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
shanina-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/shanina-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe697b88c358a583dacadc08d905b7cb23317ff0d567caccfd56e7275100e026

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:52:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e0cce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Brad-Pitt-Angelina-Jolie-Custody-Battle-Tension-Kids-02-1024x717-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Brad-Pitt-Angelina-Jolie-Custody-Battle-Tension-Kids-02-1024x717-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0efe2bb62db38c87186cea6e5ac18795373c4844b66518b202ca436dbcdba5

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 16:33:22 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e10ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
BeFunky-Collage-19-680x365_c-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/BeFunky-Collage-19-680x365_c-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7c2baafeb68ef9088c9eb3c2d8f0e2bcc8133257bc162e1ab420c3bd670887

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 16:24:30 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e13ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
morena-4-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/morena-4-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3d807963a35a0e3e357c0099900bee24282cb9cbbd472ae20978614fd2d862

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 May 2019 19:26:34 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e16ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
fero-600x333.jpg
www.gazetaexpress.com/wp-content/uploads/2019/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/03/fero-600x333.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7d00e7525f39c464a0b2a7a83f47f2e35b727f4fc164825fa85f16131241ef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2019 15:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e19ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
photo-1512845369876-26d81a677daf-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/photo-1512845369876-26d81a677daf-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1ed112d33396bea22d3a63cea1733359bc338d26d5b7f6a34eebd52a25ad62

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 15:17:37 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e1cce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
Kate-Miller-Heidke-eurovision-2019-billboard-1548-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Kate-Miller-Heidke-eurovision-2019-billboard-1548-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6eb16530a15dd24f25579b6f0d518d6b0c492fef5d9cec8e75f9a8ad90238e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 15:00:47 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e20ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
uploads2Fcard2Fimage2F2166612Funtitled-59.jpg2F950x534__filters3Aquality289029-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/uploads2Fcard2Fimage2F2166612Funtitled-59.jpg2F950x534__filters3Aquality289029-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b537c28f8dd73f5db6530c9ce7904173e33ac49b85422dc3baf331f15f7b3446

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 16:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e22ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
image-01-lung-cancer-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/image-01-lung-cancer-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c1bda985148deec8556f9c43822c22313408ff12153b6888e22b3132ab49ae

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 14:45:47 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e24ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
60299980_346657715990628_4826484548445405184_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60299980_346657715990628_4826484548445405184_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c23d7926f168e931d2257b151c95465d0db4f9e6c867d879f75725a1e0d78529

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 13:34:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e25ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
1234567-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/1234567-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d91ba62c7059f39d18c547aefbd911ed1af0d210a0490b41ff61f8d077cd39b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 13:37:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e26ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Capture-60-600x329.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Capture-60-600x329.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae59acab3e6fb169ed5b4289f9c91b63ff4e1443f7e2f572b590003204c79526

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 12:14:51 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e27ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
amuja.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/amuja.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e8df7ea6524a417491238f1c0c45f12b2420fbeddeb4b42c8f498267fc8222

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 09:23:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e28ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
kos-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/kos-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfa2b556afe5a0a53153c97f6dca358e0684e9c40b93e1bd775190985cfcd8e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 May 2019 19:31:28 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e29ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
bloodmoon-588x360.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		394 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/bloodmoon-588x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6e4b7f41e025f25f4a82bfbc575130a15607ab8fa45746130a7014756c400a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2019 18:31:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e2cce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
game-12-600x355.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/game-12-600x355.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd28e5e0b45a3c1f41b4401a30cae09440ea3e8b9b71cef626d9d917613d2f2

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 May 2019 17:41:49 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e2ece57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
polip2-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/polip2-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e19dd473687cbf3fecf61996ef787c2ebd79e31910cef9bb50581111ff5840

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 13 May 2019 12:40:08 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e30ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
dori-600x345.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/dori-600x345.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
842039cdf04fd2b6ae66c527c016b42dba6061c40b509d91b4633020737a1613

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Mon, 13 May 2019 09:49:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e31ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
rita-6-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/rita-6-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87acd506437bab2ae269589bc377dbe4a34c42bde1374f0dca1ebad171dd4559

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 10 May 2019 19:46:07 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e32ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
fascisme-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/fascisme-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05e1fa6493c38c6ffb159a4e5063aad98244963fed63e6476f5b691a2f0a132

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Mon, 13 May 2019 09:15:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e35ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
60412759_455983018281908_5578982678633381888_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/60412759_455983018281908_5578982678633381888_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e33bad1874d1ff15734cfae018d8130ea41cdf8b6de35e9abb069bb8828ef0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Sun, 12 May 2019 17:04:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e38ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
mark66754-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/mark66754-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2321eb805d91f31833159260a676282beb372fd6aebc22306894a525ed9af7b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Sun, 12 May 2019 12:40:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e39ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
elvis-hoxha-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/elvis-hoxha-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ac6996f95ab0f28146c51329c1a4698280b543ee16c28d29112f1b16d36633

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 11 May 2019 15:39:38 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e3cce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
BUSS-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/BUSS-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc29e15ede9d1548148ebe56a0bbe73f5c565d60a6c5d3d41138e56bb0ae49e0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 15:30:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e3fce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
mark_zuckerberg_house_lake_tahoe-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		401 KB
401 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/mark_zuckerberg_house_lake_tahoe-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3e06e2a2436730cff8ae2a054195654af87079b85e0dec10aad5652658f374

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 14:35:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e42ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
2-140-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/2-140-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
416758d9105513eca95de4a5a3046298803a57fa02533e3f81ca186942f1331e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 15:11:22 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e43ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
C-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/C-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88eaa616005a414be69a547d80451fca3194a29d89a445f258e54a8ed8ff165

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 12:20:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e46ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
i-7-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/i-7-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51094ea612e429b325f489538a8fbbb74f7b7ed7b4b2257ff54c031a6ab8ebf7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2019 12:12:03 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e4ace57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
chernobyl.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		268 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/chernobyl.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cf514097b88c7970057a11542745326f7b1c0cb8ca07e37924893428205ef1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Wed, 15 May 2019 17:10:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e4cce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
mars-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/mars-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
939be3594bd1249a7d5dc7029a2bed1100ca160828edd0ec4665d50aea825710

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2019 21:49:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e4fce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
%D0%A0%D0%B0%D0%B9%D0%BE%D0%BD_%D0%93%D0%BE%D1%80%D0%BD%D1%8F%D0%BA%D0%B0-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/%D0%A0%D0%B0%D0%B9%D0%BE%D0%BD_%D0%93%D0%BE%D1%80%D0%BD%D1%8F%D0%BA%D0%B0-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e946e3765c923781e463607025bd190f1a2dd3931c5fc0c1d4354ba353e5f8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2019 20:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e52ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
kuriozitet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/kuriozitet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b761f31dcb62b538628d578bfa6188fe253933e0dc1b9fc37bf598982c8c17

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Mon, 13 May 2019 05:53:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e57ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Earth-Spin-Preview-Image.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Earth-Spin-Preview-Image.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
707f5dd8b57475b8c16266cdab1525cb7fbbbb0b94d2ea244a1855099fb6d3a5

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Sun, 12 May 2019 19:19:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e5dce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
Screenshot_40-5-568x360.jpg
www.gazetaexpress.com/wp-content/uploads/2019/05/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/05/Screenshot_40-5-568x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2bbcac0cc1dcd9d79e5f286b885da8dfed4ba40967d6533ac5041e127fd4717

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 11 May 2019 12:56:07 GMT
server
cloudflare
x-cache-status
BYPASS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c27e62ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
logo-footer.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo-footer.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8fb7a8194728b9c16058a207355d712d9dc78ed439465322f5357e6acf30fd

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e65ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
shkabajLogo.png
www.gazetaexpress.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/shkabajLogo.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
342773fa0d89481ec7521bd4994beaa6145a54c1b35a1c4f3033bdec36dcd01a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Dec 2014 10:39:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e68ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
chevron-top.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/chevron-top.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77392f8766632c2c7384609a5a5b7f759c4d5dad0e9d60e54fe7da82e5a51394

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
4d7739c27e6cce57-LHR
content-length
1274
expires
Sat, 25 May 2019 18:37:52 GMT
mpp-frontend.min.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/ 		326 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.min.js?ver=2.1.3
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd605490efded6afa1551c643fdb396e4118ca4c39c02539da543ba7ed0216e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Mar 2019 12:54:31 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
status
200
cache-control
public, max-age=28800
cf-ray
4d7739c17a16ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
jquery.fancybox.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/jquery.fancybox.min.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cea969acd75c4a1d1fd3950c397486ed14625d27777d70a205a8286cae0f3f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c1db7dce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
bootstrap.bundle.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/js/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/js/bootstrap.bundle.min.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c22c98ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
jquery.bxslider.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/jquery.bxslider.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af75344a3c58703523ea517239fb2e61d94e90e3824a5751a873723103e2905

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:33 GMT
server
cloudflare
cf-polished
origSize=65388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c22c9dce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
scripts.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		872 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/scripts.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfc8660b7bc66e1df0b0d8c7e1b09c83362acfc3d92a0d5bef8179e7878ef61

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:36 GMT
server
cloudflare
cf-polished
origSize=1235
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-bgj
minify
cf-ray
4d7739c22ca0ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
underscore.min.js
www.gazetaexpress.com/wp-includes/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2019 23:51:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c22ca4ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
facets.min.js
www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.8.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Feb 2019 13:02:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c22ca8ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.1.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Dec 2018 14:46:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c22cacce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
3921
date
Wed, 15 May 2019 17:32:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Wed, 15 May 2019 19:32:31 GMT
hbgsript_gazetaexpress_desktop_article_7.js
adxbid.me/ 		254 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.me/hbgsript_gazetaexpress_desktop_article_7.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:ac79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa8d2eeb34c57ae1d7546108cdd8d7846d7162e33509b25341b5bc98452f805

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 15 May 2019 18:37:52 GMT
cache-control
public, max-age=14400
server
cloudflare
cf-ray
4d7739c288c5c303-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-184.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 29 Apr 2019 19:13:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
1380290
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
eUN94WW7YyXZumedUEIgJECNHuxlM2XW5F5cF0MzYWHWGwQMyP7CRA==
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019050901.js
securepubads.g.doubleclick.net/gpt/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f155.1e100.net
Software
sffe /
Resource Hash
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2019 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55799
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:52 GMT
header-bg.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		159 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/header-bg.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7385bfde4c121c81486ba15fd68e6d02058b8dde2853b57c79d4088d53aed62b

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
4d7739c23cbfce57-LHR
content-length
159
expires
Sat, 25 May 2019 18:37:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v12/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Mon, 25 Mar 2019 20:20:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:07 GMT
server
sffe
age
4400258
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13324
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:14 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		694 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e4daa57c2d18d94c451ee3e1d96d1ddfc0f15d3b33c49bea91eb54a371c0d05

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 08:13:13 GMT
x-amz-request-id
C51956CB7515FCBA
etag
"cfe61b2574686eaf81aa635247d0e0d0"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=600
x-bucket
7
accept-ranges
bytes
content-length
185214
x-amz-id-2
hk0tDQtzx3lcijkgskNJ0p7dqfhqzxXZO5oEiELV4kzbxmOsdDxwNOWQiJm+LgqwaAXVmKxNJRM=
expires
Wed, 15 May 2019 18:47:52 GMT
9ep7L5nMpOm8NMP
www.televizioni.tv/embed/ Frame 331C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.televizioni.tv/embed/9ep7L5nMpOm8NMP?feature=oembed
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:4b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.televizioni.tv
:scheme
https
:path
/embed/9ep7L5nMpOm8NMP?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Wed, 15 May 2019 18:37:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfd10be3e9aaa57bc4461b07ee86d558b1557945472; expires=Thu, 14-May-20 18:37:52 GMT; path=/; domain=.televizioni.tv; HttpOnly PHPSESSID=113epnd3bffkltkdrfrd4m2llh; path=/ mode=day; expires=Sat, 12-May-2029 18:37:52 GMT; Max-Age=315360000; path=/
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d7739c2bede64eb-FRA
content-encoding
br
YOQc6RsR7pKXul4
www.televizioni.tv/embed/ Frame 2B2C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.televizioni.tv/embed/YOQc6RsR7pKXul4?feature=oembed
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:4b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.televizioni.tv
:scheme
https
:path
/embed/YOQc6RsR7pKXul4?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Wed, 15 May 2019 18:37:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfd10be3e9aaa57bc4461b07ee86d558b1557945472; expires=Thu, 14-May-20 18:37:52 GMT; path=/; domain=.televizioni.tv; HttpOnly PHPSESSID=fqmab5elobb2950990enl1usgg; path=/ mode=day; expires=Sat, 12-May-2029 18:37:52 GMT; Max-Age=315360000; path=/
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d7739c2bee264eb-FRA
content-encoding
br
HlgIhi1s7Iwc5Np
www.televizioni.tv/embed/ Frame 3C55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.televizioni.tv/embed/HlgIhi1s7Iwc5Np?feature=oembed
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:4b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.televizioni.tv
:scheme
https
:path
/embed/HlgIhi1s7Iwc5Np?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Wed, 15 May 2019 18:37:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfd10be3e9aaa57bc4461b07ee86d558b1557945472; expires=Thu, 14-May-20 18:37:52 GMT; path=/; domain=.televizioni.tv; HttpOnly PHPSESSID=trgebgek3bi13v1668lgglefas; path=/ mode=day; expires=Sat, 12-May-2029 18:37:52 GMT; Max-Age=315360000; path=/
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d7739c2bedf64eb-FRA
content-encoding
br
search.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/search.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
430eeed0076e4b943d324406f5402477e3878768474537eec934106d356b7161

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Wed, 15 May 2019 18:37:52 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:28:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=864000
cf-ray
4d7739c27e71ce57-LHR
expires
Sat, 25 May 2019 18:37:52 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Mon, 25 Mar 2019 20:20:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:49 GMT
server
sffe
age
4400258
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12976
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:14 GMT
intersbc-webfont.woff
www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/intersbc-webfont.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.1.182 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c2e469b3e2f8f23eed0b99557538e8ef7d9d1e636e45b027b9d888e75acf4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.11
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
strict-transport-security
max-age=63072000; includeSubdomains
content-length
22996
pragma
public
last-modified
Thu, 07 Feb 2019 15:01:40 GMT
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=28800
accept-ranges
bytes
cf-ray
4d7739c27e78ce57-LHR
expires
Thu, 16 May 2019 02:37:52 GMT
sdk.js
connect.facebook.net/en_GB/ 		195 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=cd5dc42e190e24b7eaf76d2fab2591bc&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
250e54eb6a2782b438fdf2e78137be28e16e18c31bfa7824320b6854c990947f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mrHtctPNhwzxd/Spgf6c/g==
status
200
date
Wed, 15 May 2019 18:37:52 GMT
vary
Accept-Encoding
content-length
59266
x-fb-debug
1Ruk+v9vLNw+QGzUabLVrR/jUM7J7qwAPAV/1F/Ki5gHhhR2kXloUjWl5nB0N68d1+n5p/NI4TysOMPGOfaU8A==
x-fb-content-md5
a556dc5647fee4e7d69d52f68a2ea129
etag
"4bfcb53294b62657d0bddffc59a00317"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 14 May 2020 15:35:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Mon, 25 Mar 2019 20:20:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:34 GMT
server
sffe
age
4400258
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13108
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:14 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=802838&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_gid=1825746949.1557945472&gjid=809892&_v=j75&z=1548913824
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_v=j75&z=1548913824
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_v=j75&z=1548913824&slf_rd=1&random=1875565810
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_v=j75&z=1548913824&slf_rd=1&random=1875565810
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:52 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1373316973&_v=j75&z=1548913824&slf_rd=1&random=1875565810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=802838&t=event&_s=2&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABB~&jid=&gjid=&cid=1714868668.1557945472&tid=UA-6427330-1&_gid=1825746949.1557945472&z=722442035
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Mar 2019 15:33:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4849451
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		212 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"c855e8eb5fbdafddfa15bc848b662c44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
4d7739c38897beec-FRA
expires
Sat, 18 May 2019 18:37:52 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
https://www.gazetaexpress.com

Response headers

date
Mon, 25 Mar 2019 20:20:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
4400258
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13008
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:14 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15-May-2019 18:37:52 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Wed, 22 May 2019 18:37:52 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
df8fc6c4e95dbc4429c71629e3ca2161180cb4fb4d10b7b5af7712def6876bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
KaQpFgwT8svTISij/GJvOA==
status
200
date
Wed, 15 May 2019 18:37:52 GMT
vary
Accept-Encoding
content-length
2118
x-fb-debug
PLkr5qCMm82G2VRbXwzhu7wJ/sSb5DAZk5aLX5xDorUCJSDtw2Y6DzTylomg+MXHbynpBkDUei7tlYGKwV1kcg==
x-fb-content-md5
0de11247ac3b7dbc17c07ceaa795aa4c
etag
"29cbf4996c6d4c452c1793adaa5d58e1"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 May 2019 18:40:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
Iq/S6XGf7u8acWc8PnZU/oGJfsgE9sCGb43IFW9jBrUBHFENycqD826VPWAq7h11oeMfm17uJeeAEzSgfu9o/w==
date
Wed, 15 May 2019 18:37:52 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni&time=1557945472583&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gazetaexpress.com%2F&random_number=687100391&sess_cookie=5f02561216abcc95646e94e7741&sess_cookie_flag=1&user_cookie=5f02561216abcc95646e94e7741&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.249 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-249.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 11:37:38 GMT
Via
1.1 df874ca0e51df630ccc49eab9f1f7fb3.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified
20110117123941
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
25214
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
RhC3VgF_K3h2SBPH1MSUPxCcoaIYCRPQ7C-NLP45RwHU0eFa3Uv1Xw==
/
www.facebook.com/tr/ 		44 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025887620575&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1557945472792&cd[value]=0.01&cd[currency]=EUR
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 15 May 2019 18:37:52 GMT
/
www.facebook.com/tr/ 		44 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025887912175&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1557945472792&cd[value]=0.01&cd[currency]=EUR
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 15 May 2019 18:37:52 GMT
672076466251367
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/672076466251367?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1d36b10fc8b1d9cef43f67c65ca32e79028d3f221d78f2e8bc18c6584b10d9fe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
56214
x-xss-protection
0
pragma
public
x-fb-debug
zjoQblQ13jRG0l8S+1SxL6N0d1PnQMmiwO6Yo6gKv+VsMDdRJ/SnbOrL4VVQv2mNIztqkva+cRNt8seiNWI63g==
date
Wed, 15 May 2019 18:37:52 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=9&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&kw=news&tk_flint=pbjs_lite_v2.11.0&x_source.tid=8fc8ca31-d482-4430-b778-920cdc410d62&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.926637440044628
Requested by
Host: adxbid.me
URL: https://adxbid.me/hbgsript_gazetaexpress_desktop_article_7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
2cbead19ed7c4012caee0a39713c4af1fae03123f5ed0335b1456218d8af64dc

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1435
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=10&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&kw=news&tk_flint=pbjs_lite_v2.11.0&x_source.tid=9060e3bc-c1ba-4bf1-ad9b-fcab1e015afd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8762317541742344
Requested by
Host: adxbid.me
URL: https://adxbid.me/hbgsript_gazetaexpress_desktop_article_7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
67cb7e1a87dee1dcf04b5d21f84e4c4c3914e43ef010997a8c47369f3479f0ee

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=8
Content-Length
2170
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=9&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&kw=news&tk_flint=pbjs_lite_v2.11.0&x_source.tid=32ff00f7-74e4-4c0c-90c8-90b2cfaf5d18&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.23816027565170783
Requested by
Host: adxbid.me
URL: https://adxbid.me/hbgsript_gazetaexpress_desktop_article_7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
151e7b48c53970ec4acd3366dfccd8ec779c6ef5e7f3b8f62cf2a694c9b4227f

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=7
Content-Length
2179
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&kw=news&tk_flint=pbjs_lite_v2.11.0&x_source.tid=8a150f12-f141-4bb2-810f-6bf8f0dd000f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.15000068899590713
Requested by
Host: adxbid.me
URL: https://adxbid.me/hbgsript_gazetaexpress_desktop_article_7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
6787d2584d00f68da3fb551988967c6ea7dcc71f17bbf193316870821aaaf97b

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=10
Content-Length
2170
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=1107018&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&kw=news&tk_flint=pbjs_lite_v2.11.0&x_source.tid=c0752919-4a1a-4c68-b501-efe93fe9a9d5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7531405511904223
Requested by
Host: adxbid.me
URL: https://adxbid.me/hbgsript_gazetaexpress_desktop_article_7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7a3a4dd85697563d9d16075f64c30415b5c1bcedd5f16aff6f08066a4b6fe484

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=4
Content-Length
1443
Expires
Wed, 17 Sep 1975 21:32:10 GMT
rules-p-Z2HwmmFSucHCB.js
rules.quantcount.com/ 		3 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:34:10 GMT
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
226
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
3
x-amz-cf-id
1j7Bn-3M4M_-1n4H1rOPR578ypCAAdx4Yu80Znys39Rh6APFl2IlXA==
/
www.facebook.com/tr/ 		44 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=211121436486198&ev=fb_page_view&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1557945472950&sw=1600&sh=1200
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 15 May 2019 18:37:52 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame FF1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=cd5dc42e190e24b7eaf76d2fab2591bc&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
cookie
fr=0l3ikAw8SRcH5n3RS..Bc3FyA...1.0.Bc3FyA.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 13 May 2020 13:40:15 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
FRlGSLLokHU13N31HOpgfU98kwFFNRBJkkUINSW3nZkq38bFWn6uW2+C6ZrLt0Na3tA+Y2kmdvVYuk+kklYw7A==
content-length
10999
date
Wed, 15 May 2019 18:37:52 GMT
web
onesignal.com/api/v1/sync/8bf09b6b-a4e6-49d8-b36d-5bbadcb02fd7/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/8bf09b6b-a4e6-49d8-b36d-5bbadcb02fd7/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.4
Resource Hash
eaf0b7fe9aa23ff7af49965647b8f2c50e39419986c6895f02cccd9c6f654318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Phusion Passenger 5.3.4
status
200, 200 OK
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
872f772b-948f-4f49-b9fc-ecd3eab694cc
x-runtime
0.073061
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=2995
cf-ray
4d7739c64d22beec-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 15 May 2019 18:42:53 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
ImFmPHDApojipLL1+6FZ0+sHjG2FtqYasaWVWr0bfjJ+STE4062zFHZZkqQNNHhFwl2/dkBj+0tTLYWQLz/tbQ==
date
Wed, 15 May 2019 18:37:53 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
1520317101345890
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1520317101345890?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b9091df450d7c0a5e7d686ca8a0fea8bd91d4299c7da4d51f28e16191f716582
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
56215
x-xss-protection
0
pragma
public
x-fb-debug
7ZBk1SIoFFdY6vUJ7pdToNM+YAQicRKDIXpQ5rN6De7Ld+KaQY0KDLpaD6j1Y2zN3thMYJo/pbgyx+d4qrBPzA==
date
Wed, 15 May 2019 18:37:53 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=672076466251367&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1557945473195&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557945473194.1714648602&it=1557945472799&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 15 May 2019 18:37:53 GMT
hotjar-1087512.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1087512.js?sv=6
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
openresty /
Resource Hash
12e7c4bcdd9aa1150ef73d6226f01e71202552211eb32fb5d364626d75ecd71d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
38
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1546
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/349d31c92bc3cd411c4f06baa55162c8
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.079
accept-ranges
bytes
section-io-id
dad8989ce1e6857788c646c2b35a9099
wigo-no-slot
sync.teads.tv/ Frame 3304 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/wigo-no-slot
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
325
expires
Wed, 15 May 2019 18:37:53 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 15 May 2019 18:37:53 GMT
set-cookie
tt_viewer=0ccae320-00df-4775-bbc6-d23108151af8; Expires=Wed, 13 May 2020 18:37:53 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557945473311&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557945473311&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557945473311&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=47900613&cs_ucfr=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.125.24.244 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-125-24-244.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557945473311&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=47900613&cs_ucfr=1
Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&ts=1557945473309&pageId=76285&pid=82609&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&fv=2.21.87
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Wed, 15 May 2019 18:37:53 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Wed, 15 May 2019 18:37:53 GMT
track
t.teads.tv/ 		23 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&ts=1557945473309&pageId=76285&pid=82609&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&slot=native&fv=2.21.87
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Wed, 15 May 2019 18:37:53 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Wed, 15 May 2019 18:37:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=608430035336718&correlator=1049260490402635&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061863&vrg=2019050901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu_parts=74207979%2Cadxp_gazetaexpress_160x600_HB%2Cadxp_gazetaexpress_300x600_HB%2Cadxp_gazetaexpress.com_160x600_right%2Cadxp_gazetaexpress_HB_728x90%2Cadxp_gazetaexpress_HB_300x250_D_1%2Cadxp_gazetaexpress_HB_300x250_D_2%2Cadxp_gazetaexpress_HB_300x250_D_3%2Cadxp_gazetaexpress_300x250_mobile_1%2Cgazetaexpress_test_hb_300x250%2Cadxp_gazetaexpress_HB_300x250_mobile_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=160x600%2C300x600%2C160x600%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&prev_scp=hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D0.06%26hb_adid_rubicon%3D10ccf03ef44f405%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.06%26hb_adid%3D10ccf03ef44f405%26hb_bidder%3Drubicon%7Chb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D719eb91c1e4102%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D719eb91c1e4102%26hb_bidder%3Drubicon%7Chb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D8da9409ec010e%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.04%26hb_adid%3D8da9409ec010e%26hb_bidder%3Drubicon%7Chb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D992449ea276ce%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D992449ea276ce%26hb_bidder%3Drubicon%7Chb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.06%26hb_adid_rubicon%3D110121bdae6a42c%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D110121bdae6a42c%26hb_bidder%3Drubicon%7C%7C%7C%7C%7C&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1557945473&dt=1557945473367&dlt=1557945472171&idt=425&frm=20&biw=1585&bih=1200&oid=3&adxs=143%2C-9%2C1283%2C470%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=225%2C-9%2C225%2C49%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4206218631%2C3618061427%2C4027716477%2C1376028450%2C2904518949%2C3788665600%2C3852554850%2C537267373%2C1682953793%2C3692762762&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=68&icsg=65535&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600%7C0x-1%7C160x600%7C803x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=160x-1%7C0x-1%7C160x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&blev=1&bisch=1&ga_vid=6849284.1557945473&ga_sid=1557945473&ga_hid=802838&fws=0%2C2%2C0%2C0%2C2%2C2%2C2%2C2%2C2%2C2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
a508d7307116dd21cc7fc6ce5785cb948e67469ea852df46f147ec12ac227e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
6474
x-xss-protection
0
google-lineitem-id
5004958218,5004958218,5005244066,5004958218,5004955659,5022580760,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138264935489,138264935522,138264961848,138264961917,138264935414,138219754825,-2,-2,-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019050901.js
securepubads.g.doubleclick.net/gpt/ 		71 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f155.1e100.net
Software
sffe /
Resource Hash
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2019 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27443
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
pixel;r=790702542;rf=0;a=p-Z2HwmmFSucHCB;url=https%3A%2F%2Fwww.gazetaexpress.com%2F;fpan=1;fpa=P0-123793750-1557945473468;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc...
pixel.quantserve.com/ 		35 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=790702542;rf=0;a=p-Z2HwmmFSucHCB;url=https%3A%2F%2Fwww.gazetaexpress.com%2F;fpan=1;fpa=P0-123793750-1557945473468;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1557945473468;tzo=0;ogl=locale.sq_AL%2Ctype.website%2Ctitle.Gazeta%20Express%20-%20Express%20nuk%20ndalet!%2Cdescription.Lajmi%20i%20fundit%20nga%20Aktualiteti%252C%20Politika%252C%20Sporti%252C%20Showbizi%252C%20Sh%C3%ABndet%C3%ABsia%20etj%252E%20Inf%2Curl.https%3A%2F%2Fwww%252Egazetaexpress%252Ecom%2F%2Csite_name.Gazeta%20Express
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.177 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
zIb-ZMUqpWIJK7-bDCPweWVxe0tKApSDCRFa-s-Mkj9OohiN7Onw-fBXiXVF39RknmqB7lMA6DXFvCe_eJ1AM66b3jlrXddz1HakYmfJ4HCKD9KvTw3CYrxwwDFMqP8hvhq8snJxs3dKl9eRZJH4d3-WAmR72sAzn2vsbtJAKhKQmrNxVGmvgOqT6anrdzPpXHJNG...
aj1431.online/ 		589 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zIb-ZMUqpWIJK7-bDCPweWVxe0tKApSDCRFa-s-Mkj9OohiN7Onw-fBXiXVF39RknmqB7lMA6DXFvCe_eJ1AM66b3jlrXddz1HakYmfJ4HCKD9KvTw3CYrxwwDFMqP8hvhq8snJxs3dKl9eRZJH4d3-WAmR72sAzn2vsbtJAKhKQmrNxVGmvgOqT6anrdzPpXHJNGQleC4OmgUkSdR9voZ1E4gkoUdOVpUqPkiWPlAwLxPw6X0r6U87o1nE1wXlck-OMLhuv3u4Vlqu_WYhD-EW4v2rLux3ftJgytvY4PwrMKzOdsdOp2Gu5MVP2Gtxkkr7WQlSFikAYmZfnS_gwoptSy_PNvHUCyMpbrKnPPE6AxDguxVRzT8QDlnDBVIz2nALFPFT62cUlmS98kTmK_kOXMEw?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
763a884b8d677c2fd44a7275e5d1b315983087cbc02dade932b7fb363c61ae3d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:52 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
589
Expires
0
zrCDhcnF0EEN5XKO0EUM6y06h9e23_rSw95udMZXXIztHYk1W6EcAI0PXJvnFr6LR6q9KZp00Gry1cPOp1fSpOydJZNCgrXE1wLNuSm8vEBMVwdeUXc8UHDd7g_eICKjhS6_HhTM2B0g_rjRz3XOl81eh_8-6nf2lp42qWVLDB5ha-qPMf538efPJ4Q0IKvRx_twR...
aj1431.online/ 		590 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zrCDhcnF0EEN5XKO0EUM6y06h9e23_rSw95udMZXXIztHYk1W6EcAI0PXJvnFr6LR6q9KZp00Gry1cPOp1fSpOydJZNCgrXE1wLNuSm8vEBMVwdeUXc8UHDd7g_eICKjhS6_HhTM2B0g_rjRz3XOl81eh_8-6nf2lp42qWVLDB5ha-qPMf538efPJ4Q0IKvRx_twRZTSvd8n-WknQhDYlJq0_ZmDnl_u-SG5mozjgzNpYf_XL7IFVkiqLiPQ8NoyU_gIreGBTGt4-s9jh53q1Jft0rahNgwlpf6T496cozuBpFUf1R60JakiMQ_MvFSrIiZ1PoNuxrkZVPs9puFmur__CgsZOwxGydYVBZvU0maV7m1O8syFHlo3c41gHBpma9JZCTqeWS9yPhLKzdEwzt8KynU4?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
72942e03c8c3b3e36341c3074a92a9821613e9b58a1a7b81823376d8e7dd70a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:52 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
590
Expires
0
zVz6mUYvRA477L-0DEOBxK_lQfiRbOOt5frtJPsQxWYrARlGTmWd2xIjenp3JFwLyRt9-7wqu5aaGp4-M_Y0DmeMsHNdFENEol0FYGy-9y6ojc5spmSlLvcRn5WtYJ4hplia1hRhQYif35aEi5prgSpmAsD-ihzDwyrHl8Rtk48GiaPRywgkyhaqrEHZB461exgx7...
aj1431.online/ 		571 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zVz6mUYvRA477L-0DEOBxK_lQfiRbOOt5frtJPsQxWYrARlGTmWd2xIjenp3JFwLyRt9-7wqu5aaGp4-M_Y0DmeMsHNdFENEol0FYGy-9y6ojc5spmSlLvcRn5WtYJ4hplia1hRhQYif35aEi5prgSpmAsD-ihzDwyrHl8Rtk48GiaPRywgkyhaqrEHZB461exgx7f1qUV5IxYwspVw7k7QP8QrsnKuAGuCD0_yph0He1sexTHtlChVSjoDyeUsU_INZqOB-3Af8nNia3NeJo4cIImFJ4O8Xa1Ld_LD7LVEnIcotKdqC3hLemGEffAHcONFh8iRIir7kKVSkcHT_mFDqUMOMPoZlZlk1A3KejF6LtBrtpdp-dxuQRVTqby9x8hmNHSCQ4A1EGAPWQdh4ysMDpm08?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
f854688baa8ec43b955897c8c2c89bca7c4ae42fabbd5863f974a5eb5320c083

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
571
Expires
0
zo75DAVruoe3V8yTl7_ZwQwQjtnvO43EHxmdv-yKnU8946lxs-302rwrnwYDGks8HCrQeqVjUfpzhKpWUr0hccVbVE-Esn0xxMUOHcCA-f7G0P6t3MX_Di1LBN_CXZlsPjqIOJW-u7wkpfwzBCv1kk1LqQco30qfE2DhoLW0av9pzSpkLQh3Of6OxU_kQuKD2rWeo...
aj1431.online/ 		573 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zo75DAVruoe3V8yTl7_ZwQwQjtnvO43EHxmdv-yKnU8946lxs-302rwrnwYDGks8HCrQeqVjUfpzhKpWUr0hccVbVE-Esn0xxMUOHcCA-f7G0P6t3MX_Di1LBN_CXZlsPjqIOJW-u7wkpfwzBCv1kk1LqQco30qfE2DhoLW0av9pzSpkLQh3Of6OxU_kQuKD2rWeoloj3kUbRaN2tD0oXMcsDK-05A8s8GFcxwzAa73D_RIuQKN5khJSDO52--Z9iNMJYEPwZgUfU_Noj_Fy0_R4VFwSsgj2CzA4Drbqo5mW_hE9ghI1O6mDQi3OXm6hBkkidSRE4pxkCmf73ggjVbHzUFSy3qFX16BblFsCjEqXisnH_VqROpN4dFmocrdXJSqZF4mHbzbzUN9PRI0014sPjmUQ?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
76831b3bc5df9b9472bd9a13122e6bdef17fee07a21ed9f71f47e5487579b00c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
573
Expires
0
zI06X9gyhBUziiANSVKCN1oEoz5uuWptvnrTlBcAuPlm5tuyD-g_MKULRbxO-By8gErW-IMx709DfQo0jfeWTd3qA7PWX6qmmoG_Nbjd29LJU8n_86tCbfCKgtE-n2fMIeyKZ4QOEznHruMEhByoMSFAfcfVpaO5FRizwMVk69cmCYqIvacpNbA_Vvs8ELQvf0LUe...
aj1431.online/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zI06X9gyhBUziiANSVKCN1oEoz5uuWptvnrTlBcAuPlm5tuyD-g_MKULRbxO-By8gErW-IMx709DfQo0jfeWTd3qA7PWX6qmmoG_Nbjd29LJU8n_86tCbfCKgtE-n2fMIeyKZ4QOEznHruMEhByoMSFAfcfVpaO5FRizwMVk69cmCYqIvacpNbA_Vvs8ELQvf0LUehRDVhCjlsmQsc2NmyZtsUgVxtFTbCjMa0JYG52iA6paATFV6cYsMaSZ1s9sczz4TpT3dA__AVhLsGFj42PtO86qhq4HZFga4HwyXLCTTwDjJety80D06Ood1gs3NBi3dk21-7e8KzewO1Nxqs1fhFxsz8tQrjAZesdnhs0-TQTqtHrwPCiM6inh_-rr37eNq0_nGuT5rY2Y8Ik41tJfkm04?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
caf942e5d729ca1e60a5f052d31219acfaf0225e45a2b5ebbedfb0652e030536

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
600
Expires
0
zai5L5WWaJdC5RM1w1-RXhwVBxYkxR_1SVzQudUeZRjZNVOiu42TslTn3FSfDGZO6wlUbLHdwr4UD_KkvbGR8J1AeX_vzJS7GlvDqMnY7qEfnKC-z_VErPbobleRFdzT4w3r4sWM06TC6O-dMCfHnF_VcAfMwbLF1Zdsz9UnUnmZc_eRdeYO4FW_9NoquT4X9R_49...
aj1431.online/ 		571 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zai5L5WWaJdC5RM1w1-RXhwVBxYkxR_1SVzQudUeZRjZNVOiu42TslTn3FSfDGZO6wlUbLHdwr4UD_KkvbGR8J1AeX_vzJS7GlvDqMnY7qEfnKC-z_VErPbobleRFdzT4w3r4sWM06TC6O-dMCfHnF_VcAfMwbLF1Zdsz9UnUnmZc_eRdeYO4FW_9NoquT4X9R_49lYgdGy0xSL2UZa65nmAzWUrnYcJ6IKgW6gIinRgQEiMaohtYkjFiEP9G0YB37jR0jQM-dr6KwrJ2ZkFJWY05r3CxCLrx39U-NvgjIV_T6RFSglPe9I9YM7bKT8ZrlPuJEP3gRakacQUaMkJNlO4PwaXt6N21D1f4e0VJIIXSg0DFXKG9QM7REZ_zvWcKSBiqUojqiimg-rO9JR4ztZe2ykQ?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
1614960c7442763823d109eeecdedb8a7b7562ed0d1b6b56acf7000f592d713f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
571
Expires
0
zJJ1KJIYSyKlViNlecylFSDpbgMHliogKc43mJXXUkKaR4yJ2Ylf5yvBnepapbuW7wqkk1daBHHQbE_CF3WZZF7MRmrz9HyL4iukhyKTE81VccohaNS5TIeUZ9Ifvbgdg5ohaD3-kms6dagR7VsFw-eqt1v-pHj6apNKhWmgwRlL8d0igpPsFHUHkHzKnm2Wg97z6...
aj1431.online/ 		576 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zJJ1KJIYSyKlViNlecylFSDpbgMHliogKc43mJXXUkKaR4yJ2Ylf5yvBnepapbuW7wqkk1daBHHQbE_CF3WZZF7MRmrz9HyL4iukhyKTE81VccohaNS5TIeUZ9Ifvbgdg5ohaD3-kms6dagR7VsFw-eqt1v-pHj6apNKhWmgwRlL8d0igpPsFHUHkHzKnm2Wg97z6KpS6_kRals2Yaf9rRAcsakukfkZGkkt8M6gFecDotRGaj2VGzel3B9vfc4zgwZJ6DDATlavNptrff9dF766t2R2Q7dBTfW3gEQsjlJM0f8U8o7nZJinoIAGftfm2AiO6rmx7rbg3UlmD2T2Y356nxt6yzggiKjQLBquedA5UFpQEdSXU8XXF5IEqVqzhUJQL4Gz27yzZO9b1fhg3t8K0nUU?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
3cd91c5fe69e1442ed258a56d17ea15a19ef4ead50cb4782d3526c3f606142c9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
576
Expires
0
z6QkeymWHGOpay5a5UzHS0UarqTrld0jiROkTzUUdSkziz-vg-zkJzO3BLbBik85ZU7lp60K3mRuIdvSkhuM5ayiQKxjjS9UUT4GR-th6KWD_L1h1ZpqvDc3qAhzlDFW7fGoJzPoZaKigOMSKqKnEUKFD8EpQFwJ9TqgFQEf0zfSQ_-xQE5yUghJVMJwx23ZLmscf...
aj1431.online/ 		566 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/z6QkeymWHGOpay5a5UzHS0UarqTrld0jiROkTzUUdSkziz-vg-zkJzO3BLbBik85ZU7lp60K3mRuIdvSkhuM5ayiQKxjjS9UUT4GR-th6KWD_L1h1ZpqvDc3qAhzlDFW7fGoJzPoZaKigOMSKqKnEUKFD8EpQFwJ9TqgFQEf0zfSQ_-xQE5yUghJVMJwx23ZLmscf1NbfypeviKgKiddluGEhzN4mKEI1BPF0vMZmDzedf3u6cF_tw7WRxVgPF_SGEya6EErZE5feD70bpeotNoY8PosDz-nOg2Cp8HlasBFvuh1z-heKFsczZaTIeQOyK6Q__F1DspZ67ylopPsK2G8VMR1BgKeECt23g7qIZnaaKQrnqzLpNGL6r1f3sH-Wbx8hOUxq66Pi8LdVdExmss_nwUE?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
868ec4a1b02346c5125215ea07d903b3f01d7e758d72243bc778cd3788a27075

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
566
Expires
0
zuj9yYAdR2Fdmth5EgDaPw27599-HqyDkMd3tv1GTovivi53idB7xoxGbJSaNZOU1vU9g_vFQ3Wqnu1A96zU6hlyJYFcpaDVYK_K3EuOjdvSqF0WOk_sXgJNNrbEbKOc9tf5PLsMxCYbyEmsvrT3aPFem4GKc7rDOQsUP27NnSs5Byx00hpe0n9Kow_OQsMuFapVn...
aj1431.online/ 		554 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zuj9yYAdR2Fdmth5EgDaPw27599-HqyDkMd3tv1GTovivi53idB7xoxGbJSaNZOU1vU9g_vFQ3Wqnu1A96zU6hlyJYFcpaDVYK_K3EuOjdvSqF0WOk_sXgJNNrbEbKOc9tf5PLsMxCYbyEmsvrT3aPFem4GKc7rDOQsUP27NnSs5Byx00hpe0n9Kow_OQsMuFapVnZo44YokOpcTwWr_jUm4ay26mTtpbGzpsdqaOPwzg_tAOyzzXAOIG7PlgBsrga5eOa5vltHJn0VL-bDODSPniY7VjktYDENbjtAgY9jANePArxAKccScrHNyr6z2FPgQjG891B4045SVwCxzZEiF4vXGIwPOouxGboWq3rgMwxQUzjJ3sivNI_-OGV9uG7FtvhykQNNRQJ5nsI0tmtsKynUI?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
01a136d0ed3db4810ef87c411ec9550c15c637386931fa1375cdf86fbba20fa4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
554
Expires
0
zbB5Fa3yVZqRY5ia4OS4ElRgoohhmaIE0YjCRqVHNV_BNRA0RKs9ZjXRy65_MOGMOF7_YYjmt-POyXX3DUHcub7A4oZxjqP_hrZQ2_I23oFXZuPAtXDWbR-kDYkpWppnvaPj1NOm1UdG1XCQ8PVLsQOdbVu68ccSqK4VEBd2MMTIDzYpMARWZgqpPk9KAY0SXVpJK...
aj1431.online/ 		555 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zbB5Fa3yVZqRY5ia4OS4ElRgoohhmaIE0YjCRqVHNV_BNRA0RKs9ZjXRy65_MOGMOF7_YYjmt-POyXX3DUHcub7A4oZxjqP_hrZQ2_I23oFXZuPAtXDWbR-kDYkpWppnvaPj1NOm1UdG1XCQ8PVLsQOdbVu68ccSqK4VEBd2MMTIDzYpMARWZgqpPk9KAY0SXVpJKWuEElgjIcSpa6jPS5Sa8ky-fcr6Y9gH0i9g8DRsiQoh3yIKY6fvZujfhmglvCE9bTD9ooOddr7QEsBsdotll31Jn2U9MQTurBvaY8HsCaP4v9qIOYtokvbe-sUbHoPj4xCk2Aq5miUQuQdFlzB13gPgD25GMNye2-2ARfPhCT0WoLB1FFuKXLHEMB4lNiqLnmQWDXDrL8c0lcUsw4JTpz0M?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
99a8929cb16121a1000843c6c8c58fcb2f9f3f49afe0f5499612fc960b98cf5b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
555
Expires
0
zAr9NZlIg0WQisJe7KjEGWV914mGySfRT4Nbj-jGdZVHLD7EmzHeSklIMz0oZOn6prP213TZ1-7PyqCg_ANHKo2uFmdJIpnEPh7xxrEpez9qH2m_WkcNFI_OrK5RpL0oFrluVVXzTmo3b3izrNlOddH36O8i_o3wavL2L9uvdsnnrpY1SEqJzaepsFznZAiaiDjFx...
aj1431.online/ 		566 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zAr9NZlIg0WQisJe7KjEGWV914mGySfRT4Nbj-jGdZVHLD7EmzHeSklIMz0oZOn6prP213TZ1-7PyqCg_ANHKo2uFmdJIpnEPh7xxrEpez9qH2m_WkcNFI_OrK5RpL0oFrluVVXzTmo3b3izrNlOddH36O8i_o3wavL2L9uvdsnnrpY1SEqJzaepsFznZAiaiDjFxQC4supEp1lW_dfB8rOckcOTDNLkNJGAnIp3tJrCY0y3LMeIMkB8Nrr89_xX52pk__XiEczOfT2oJXHj1QhDd2AFFDCCmXN2y_98aAiXqxhyeqfYVGWNxThMa3EU4D6-bJqPgzDChqgIisEAuADDpaBszZ2apLWii4AU2J8GIJqHGTG9hLsyMznX2O7wRXXT2TNQBzwIUzkgdAyMeMeCXsctG?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
135cb9d660a17b0f8af82f3f54a5ca001f598f5448fb1678348eb628387aac93

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
566
Expires
0
z5iaDI_GfFpr0c9EOyA8JL188Xg9PoBlewNJdeaUg71TvydrZVxvFlC3QChKEOSFRqyagVpY6ehOHcuMwMauXYrTgZn1i2cQKFzytLVKerJqXbm4dpa7p_tVAMORuNStLw2cUw_SqIPfWaHahgu7_0XgKc9LXyQc4gfkcm7HwlPXLCKUN25h9dfB1-JFqfTd14IM0...
aj1431.online/ 		555 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/z5iaDI_GfFpr0c9EOyA8JL188Xg9PoBlewNJdeaUg71TvydrZVxvFlC3QChKEOSFRqyagVpY6ehOHcuMwMauXYrTgZn1i2cQKFzytLVKerJqXbm4dpa7p_tVAMORuNStLw2cUw_SqIPfWaHahgu7_0XgKc9LXyQc4gfkcm7HwlPXLCKUN25h9dfB1-JFqfTd14IM0lWHH-ePDlu_ORfPP9nGjYRyY0oLTQmaFGy4Z5gRKDLAt0v_CdKdQBCpYE5-IabIvhqW3uox1uxqTFL1ki4u9Ri0pN2TzpJjo5wKV690-3ynKRyUL9eq7SLQQn-WM69ZxrXaGMJ0VfuYzT059Vuj8MViqiHozyeC1sgJlU35W0-G7XjjFz3gyzzEwiP_yMUkLoqO0FUV8I-zsPiQfNeeT5sEV?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
642fab5efbd89da119271d05bc5a58628d0713b37e604640e35a0856526106f3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
555
Expires
0
z4ACJARInRSFhZwtjGZmV0Lk8EaCrrC4ojN6AvdR4VeqWcNsCnWYbUlTCRlOgwgiGEYJKeuhggkOIXcy_qaFVqbdRDMyldTK907wmwnfZgebbSEp1MvVd5DrNj77GEXckFsu-Dp6RFOG0G0HyB5TQGKukZ9DRzOvVEL983GdzVxH9BpAZud7USaxsJPVQcQ5MFb0X...
aj1431.online/ 		556 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/z4ACJARInRSFhZwtjGZmV0Lk8EaCrrC4ojN6AvdR4VeqWcNsCnWYbUlTCRlOgwgiGEYJKeuhggkOIXcy_qaFVqbdRDMyldTK907wmwnfZgebbSEp1MvVd5DrNj77GEXckFsu-Dp6RFOG0G0HyB5TQGKukZ9DRzOvVEL983GdzVxH9BpAZud7USaxsJPVQcQ5MFb0XeThb6vwwC2WTRbn5iXGgAoMnQ1iGh4pXe4Pr7mzzKJ5Mhors44vGQxT7kv6PBhrdqFX7zNvH5PUQYjyb6Ni4WoHRHDgnMPi8kkv6lSVFX-205NtfyQ3M7j4__i4rDKbeq6XtYWn8zBvAkFPeDFWa1cQ3kF8q1YcK74_52C_6VHm9VW77G6kaSOtEXR1fa6inL6Dhq9YPfBc-1CVFNLLB55kX?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
1b0d9fc9c6e59cf4715db376210743d062f288c25ee3aaf49e363e17d6746548

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
556
Expires
0
z9VwXSKWS_GK3fY8w8im3j78KKEaxyfkPHhGmTSYS5UMd64iAQ3-tBK6ihdysWLChHCR3HHgOEm7SlNIycqkITX_Ns7sgwJJdjqXRmNAxzlGBg_VxHEOUBjzZulV53SnmfXXK1myihrNhLaLn8-_2XSa3RM5zP35IsdRVulWzlxT4zIZpFquCiNA4Jr9zRZiMBpcq...
aj1431.online/ 		555 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/z9VwXSKWS_GK3fY8w8im3j78KKEaxyfkPHhGmTSYS5UMd64iAQ3-tBK6ihdysWLChHCR3HHgOEm7SlNIycqkITX_Ns7sgwJJdjqXRmNAxzlGBg_VxHEOUBjzZulV53SnmfXXK1myihrNhLaLn8-_2XSa3RM5zP35IsdRVulWzlxT4zIZpFquCiNA4Jr9zRZiMBpcqIfCzNFWuDiwBMtvfhF0U5WN60hOMn5-s_HwXiwWLRh4mGuWMIC-HxA2l6919IBumSqbbFwBO0aTHWPi-sN5XFgNMXsKP9_mbbUM5oJms6UfvLnEZ9_pWeK1s5lWM3yjZnwvy9fPpI-Jm9gNbis5A5o1qT5Kd71S21he-MV6SOJ3k4BNzSi9LL3a_S--Sa9tFpfKbeYne9MbU6HUeOuPGtMhB?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
287270434da6d2a9027c62b67a1ec7a0ccdba9fe1284f899204bd85fac466542

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
555
Expires
0
modules.97ad32b400c18e783298.js
script.hotjar.com/ 		421 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.97ad32b400c18e783298.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1087512.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.80.178 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-25
Software
/
Resource Hash
a101ff221d02599248828886fe728ac97ad812849e4da7fc96a8252b2c74f174
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2019 16:57:43 GMT
access-control-allow-origin
*
etag
W/"525a427614eefa774611b38e54d16bf8"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-origin-status
200
accept-ranges
bytes
section-io-id
6d5cda0ae7be5f87c627eaea5c7f939c
content-length
89203
zFUCxkZZswo1Nj0bhstRwnqt8UDhglEp2lDgtun9PAqAdjDVedLacDVjB2uxVavhe2ax3vK3ixN9OFEV-nxVdmZfgORvHRMz1-Z4WDtMJxwLMBvrsxQ2vPvDPb1WWB1pQklrSVUjylJz2cSSwCpzzo1gFneUjo8VQV4IYWfkCgv1XBRsr1bLO7QLy5hR_8I83kJrl...
aj1431.online/ Frame 7DC2 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zFUCxkZZswo1Nj0bhstRwnqt8UDhglEp2lDgtun9PAqAdjDVedLacDVjB2uxVavhe2ax3vK3ixN9OFEV-nxVdmZfgORvHRMz1-Z4WDtMJxwLMBvrsxQ2vPvDPb1WWB1pQklrSVUjylJz2cSSwCpzzo1gFneUjo8VQV4IYWfkCgv1XBRsr1bLO7QLy5hR_8I83kJrlXEjYbpusdarsBc4aWUyrykXmVoAE6tMWSGljcm6ryQy9SXaHkdUqZ_tMGPJLw3y3X2QZILO2Z0TJCso7v9oga3y5wq9M2L4_UHwAidYRSFiH3vmzFixqOC1e2q2ASXw?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zScPTgZK-gIYsXaB2bnQyceXfeIzTg20migOSmybGYWy5qSRI69i8GvX2qqmkSWybQ7Lg97FdgCC6gwrnw1UguAkcF_spBvWS_dI3g6wAh0-iuyCg253Z9Tosq3AO0pMnHzryjJpJ5gQQG8aESwE7640A61XYscnF_H8yp_-YlplrpsGyKJXlRmcE0-qzblueniQV...
aj1431.online/ Frame F56F 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zScPTgZK-gIYsXaB2bnQyceXfeIzTg20migOSmybGYWy5qSRI69i8GvX2qqmkSWybQ7Lg97FdgCC6gwrnw1UguAkcF_spBvWS_dI3g6wAh0-iuyCg253Z9Tosq3AO0pMnHzryjJpJ5gQQG8aESwE7640A61XYscnF_H8yp_-YlplrpsGyKJXlRmcE0-qzblueniQVNZrYVn4oivwjras-5KOiQl3dfNCKJST6W7Osjy28Dq5FoEnKrZOMiUKNvg36S1Uqe9aBkKageHfCC-j9NsxzY5_HyTX557tfEU8QrZBDuBuuCOtDZw9KoYvJHLrDEJk?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 6B3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2148
pragma
no-cache
cache-control
no-cache
origin
https://www.gazetaexpress.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
cookie
fr=0L01jAKRiGqscEER2..Bc3FyB...1.0.Bc3FyB.
Origin
https://www.gazetaexpress.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Wed, 15 May 2019 18:37:53 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame E75D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1087512.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.81.98 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-30
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Wed, 15 May 2019 18:37:53 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.024
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
85802e28c18cbf265077d774d8a3d7b2
view
securepubads.g.doubleclick.net/pcs/ Frame 1023 		0
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdteUHySmqQe_cXpdU_bFiR6D1QyjdkTos9oPU4ex8MrXk_qa8Ey7Hz2GAmZfINCr_R-zgsLL8VoygTVUGN38Iz0IZtP5DlmHQsntAau4bahQtym9_UlYENiJA8iMVJ_NKuGrdctED29VI016y-GUq-csZZjjc1_OIPIEuKP8npwKDgH2EXgEl_yamgQVBcN1OSZYCe3Gsn2qIK68BYt6NsXC1beRLAIIeYqcIIZWRX7SI3twHi9c8R1gSyGQ8_5-Taq7vTWATVn2fJyCydxPl93g7Tk5qx5Lw4w&sai=AMfl-YR2jTQIQTfnxA9CylRTWRJqp-Wb-xXQvq1nBtbGdPLc0SYHnmz3maUnmbIW_R2jlwwT7BxUcNbFiHDcf0dNmkq1KgAZmMRHPGX_O20G2w&sig=Cg0ArKJSzCAncNMck5FfEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 May 2019 18:37:53 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
/
track.adform.net/adfscript/ Frame 1023 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=30003420;rtbwp=E8D101A06DABF8C6;rtbdata=Ss331fw3S0vEJ6vUcGTVw1gB6W7PlFNB0ECw4osRbNB2_-0LrrMYXwAAZWIyjCv9Aqgz7zBa4EczbdwHtUVNgx9566KZAOfMSK2u8iYY4B9kiofayaCvJsfAXsimfjEjikSyMY6XAlzS67MZA6DIWCWqzgCXGRkUIyZgZNls97hZpidVpUlTTgF0e3PazgsBb3n0FJSWhHcvMlz0zr4mruPIqFIep5u2KYn8hTqZDzKO_0jI-T8xWukxya-8proW0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/151f36d8-26c0-454a-9401-7cb2905b3f46/
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
937f621a3ac6b86e8819462f6c8bf50c01a9d83bee4e08a29bc4ab5aff7fd1f5

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9760
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 1023 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
58d5d69efb99ba86b86e44a4753304d14f0ebcda68e3b9b31faa68d85d2a9811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557761362186258"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28693
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
53af729e9e4b8c8d2aae917515b562dba0d5273acc77c8775d6e05a6cddfcefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557761362186258"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28615
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 359A 		0
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV2_joxxDF8_WYYyHxI1KRC3tsyzV4YJM7_OW-Buq7aFv2SUAf6PptcyrO9pylFdEfuqFBKQV5pVp33PU_1426fs8BZ6dZ7AQ6TNB9SyzwHDg3-alROSUgq412ibVw6MYneaEu49TWEX1SfQfTbQ98H4JBuQCXS6FNgNTydUFcJglEKj0R9AWSv-7p6JeNTFwiEO9wPYDZO1F2N-SJehoJYFOngGeaiGDUGda3TjvpLnWz7pdODOujLafoUhJZVPTQKEHid6aOAiiyMcM7MOcQK3dWMkF5QkZw1Wh9YKha2Qw&sai=AMfl-YTRtuHHP81vw6yxC7ZCrAb6Qoew-sE11xePwNdO5DWW4nGppZUSy5pk9YG26HMg3xL2h9e24nu0539wBCajIdZm_2NwUaA2lmZmduh28A&sig=Cg0ArKJSzKPLV-zmA0_NEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 May 2019 18:37:53 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
js
tags.mathtag.com/notify/ Frame 359A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvWmpZM056YzBNekF0TWpVNVpDMWlOVE5qTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM0MjYzNDgyMTgzODQ4NTEzMjkvNjYyMjQ3MC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVITXlrODJIMFI0T0Y5MDlQZEUzbkswOC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zNDI2MzQ4MjE4Mzg0ODUxMzI5L2Ftcy8wLzI4MDkvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/2p89HkUrl-0KMdOJJ8EJgmW8Dto&nodeid=702&auctionid=3426348218384851329&exch=ruc&sid=4562355&cid=6622470&price=8C8F7C280920394B&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.144.3 /
Resource Hash
3677634b18f03f9fe6db2f33554ebc0c1a2fc426bb8713a2bcb0935c65275f7e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 May 2019 18:37:53 GMT
Server
MMBD/3.144.3
x-mm-latency
1 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
count
Cache-Control
no-cache
x-mm-host
cdg-router-x45, cdg-bidder-x75
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 15 May 2019 18:37:53 GMT
c48dde8d-0224-42f5-88d9-18b5a920fcaf
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame 359A 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu-ams3.rubiconproject.com/beacon/d/c48dde8d-0224-42f5-88d9-18b5a920fcaf?oo=0&accountId=12398&siteId=59924&zoneId=1107018&sizeId=9&e=6A1E40E384DA563BD668BC895F791AB9EDD68D94BB0DAE5E38C4A7225AFD6EE3C107A1DDC29A9FD6998D893785316CBB9833B6E12CCD46A97BF2917EF004E7A2D56890A33A68D37634CDC7E0DA2D991BE581C7278562D88571C3F2D1FFCBAEA88CD43DDC609866D36780681219D5622A78A6123C03C7F6A21C6A678AE12669AC400C41FC095C14AB7AB4411DCAEBFDA0D8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B870B0D4257A5F0325A16BF4427A26F95ACB4A5F2A47FA6839A81AEC86AFE53451CD8EFC9095A1DF1FBD8D5ABBE36F5EBEC412EC3192328D167F3FCFECE1D9D67C2855597EDFAE29835218EC977CC7BE43BB728F3E38D20500419A9E96D332EBAFB99ACFBD310893806679CBD295A8E7155AF1E748264071666938C2B94BEF689F9CB69808ECB8896BB9BD58C7785C9F117A465C15A2BEC4DEA0F984D56C8361623D888BD58682889188D1A1EDD315617F4E82C8DC099D34DAF7A4512289792C6D4D412D919DB7561D6D035A83E6F4D25F75F80E4DB370AA1A59B82BB21B430064CE82C8DC099D34DAF11EA0C268307A5A84BE0469B4098C398F564392DF702867A68E4E6797EF4ABCC821F6447A6D94F4F5979A28704FB67D8BCA1E8831F78FAC4D6774268922C1C46A1659B399B7483EF3EC61B4609BE18F4B519EA4C8EE64140F43DE558903DC1DDE84162F617A9DE3BB88D7AA63931FAC86D1A20586C0EE8133E97440CB969AA54E389FD322ACA17C4B602FF66AE46020F78D31CC2F71B86A2BDBEA4D735D0148F4F8850747ACEFAA22605645952F60178387903785CBAEAE13E10A978A9BDC51CCF63EEB91BD504E7D8EE2E66944527E42D66CC3F1EE157F6B515856B526162FAE82A954C1004678A
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.47 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 359A 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
58d5d69efb99ba86b86e44a4753304d14f0ebcda68e3b9b31faa68d85d2a9811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557761362186258"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28693
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 025D 		0
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvibClsMlCs9YlIcIsV5YhHyf3jfxuodj-5NwlIi10LYLVuJLz-8Jhp8DiLOXVuZFswOC1k8FsQ_K3WxbY-QkAKffkO-qI4N6X8WXHBmiY_TWa3HutVoeE3gKia0RKz_9AhwIrFJCRwuz8E-BWC1OEj_SIscwGASe6NpOjP_po1f0ioJ_ImK019SVmTk6Ro27x-431l_1sRK_MSNDdDfjDcelcUf7-fXcbfis-R_y9_mL3b-MC7zALJ-_10Ztrv4fb5LpmW0i1HkX0AjStYp7dM6zorK6IAvwZ5&sai=AMfl-YQD2XmPbXZj5yk7FEHt2ofqjviyzl_ipMaNEyTcm-KNVtjbROBQtVbyUAFB2SzYTIqAp1fMqxDlzeVF7uV3I_iYwC8FtESXcQ3KClCoBg&sig=Cg0ArKJSzEvbkxPBhZ2lEAE&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 May 2019 18:37:53 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
js
tags.mathtag.com/notify/ Frame 025D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvTXpOaFltTTJNak10TkRjek5TMHpZMlUzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzU2MzA2NzA4Njc2NTM0MDMwMDkvNjYyMjQ3OC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVIQU5maUhtVi03Y09TSk1UVzk3aU14MC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81NjMwNjcwODY3NjUzNDAzMDA5L3pyaC8wLzI4MDcvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/Rq3qWgW5WvArY2kOUEU729vxuEg&nodeid=1336&auctionid=5630670867653403009&exch=ruc&sid=4562355&cid=6622478&price=70799B816A06AC92&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.144.3 /
Resource Hash
6a3c651aa733f827e23d899416e7d6bf035eb89781e3bcedfe7c63976b092c4c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 May 2019 18:37:53 GMT
Server
MMBD/3.144.3
x-mm-latency
2 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
count
Cache-Control
no-cache
x-mm-host
zrh-router-x30, zrh-bidder-x111
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 15 May 2019 18:37:53 GMT
5f37e1c9-514a-485f-81ff-668eff6510fc
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame 025D 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu-ams3.rubiconproject.com/beacon/d/5f37e1c9-514a-485f-81ff-668eff6510fc?oo=0&accountId=12398&siteId=59924&zoneId=1107018&sizeId=2&e=6A1E40E384DA563B1E07BE91366D89D45CB34E281D6760DD5589F1BDF9982F266B9CF640C35BB1E4E7A3F77293C21FF89833B6E12CCD46A97BF2917EF004E7A2D56890A33A68D37634CDC7E0DA2D991BE581C7278562D885FD99DAC33F0780208CD43DDC609866D3BE07341D7ECFA73EA1326DD116FAB53628ABD723528607F21CEAC88DDEF74B2E7C53E308D59E6CA9D8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B873520AF6238858D8AF93B2614580EEFACB9BC41A7A93F2FEFA7258397D22260ABD8EFC9095A1DF1FB4620ACDF9CB6A8C8412EC3192328D167F3FCFECE1D9D67C2855597EDFAE29835218EC977CC7BE43BE97CF669DA79A9DAD1277D6144BD1B2AAAA582B0EEB51AFDC48E08878A68913D7B040836C05A50FE938C2B94BEF689F9CB69808ECB8896BB9BD58C7785C9F117A465C15A2BEC4DEA0F984D56C8361623D888BD58682889188D1A1EDD315617F4E82C8DC099D34DAF7A4512289792C6D4D412D919DB7561D6D035A83E6F4D25F75F80E4DB370AA1A59B82BB21B430064CE82C8DC099D34DAF11EA0C268307A5A84BE0469B4098C39806B8AF954AB1F0D528B462F882B7A6914C30B7E425D70E2E3D8E5A88610B4D483E18C15FA2A590F7C53EFD24FC9B1DFCA1659B399B7483EF3EC61B4609BE18F4B519EA4C8EE64140F43DE558903DC1DDA5BF695AE2B116A3F8A377C7148DCC037B4A4734972D83402613466D921F79A046EC78D13E431F7FF46CED36513DB3E78842B81FCACEF9B8FB076947AB46665C2FCCAA903F2990D2F1CA1D67F7645BF22B0F5500C65C7EDF0E40A593223EDB89C792F63D69A4D88644720C9BB3B27392C3ADA08C4FDA33DD45E18B3097251BAF46E0C338056D8A9A
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.47 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 025D 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
58d5d69efb99ba86b86e44a4753304d14f0ebcda68e3b9b31faa68d85d2a9811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557761362186258"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28693
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:53 GMT
151f36d8-26c0-454a-9401-7cb2905b3f46
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame 1023 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu-ams3.rubiconproject.com/beacon/d/151f36d8-26c0-454a-9401-7cb2905b3f46?oo=0&accountId=12398&siteId=59924&zoneId=1107018&sizeId=9&e=6A1E40E384DA563B3FF087B144C8592AC440AB032C4BDF596DC0ACC27F24EA4A948490D554208D8C1BB1A97125E44ED7B8B520C6696685697BF2917EF004E7A2D56890A33A68D376CA0AE3EB89135EFE8D7AD3B9AF9AA0755F8D4C5453FA2A26FC8FDF0A48EDDA40D137346604869E740E3F8513618C281D32B7065C80D63391C12ABEA90FF8716EDCA7B41CC6A404FD7E625848872D964AE88D14A8E282D0F984351CC20AF16A3B0910D0E111EAECFE96644B19C0F9F2B4DDC3628ADA65A542239B11F4EEB1CCC0589F4869C5A75D20
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.47 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
/
www.facebook.com/tr/ 		44 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1520317101345890&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1557945473837&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557945473194.1714648602&it=1557945472799&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 15 May 2019 18:37:53 GMT
z90lKdJQ6c_EcxK3nd1ey1hsUpOqhx6Yz3vX_rtWuJTGRzkGmI8fVi8ORnsH2pyM140IyLvQbG4e54yuRotSOaYt_etzNMhmhCinSkQNkfKRknKgj9wa1ye85-Xvq8NNeaNCPN6lax2Z99Pi4AytDKXXukfF-0kOd8_0519Gsi7EJfpj9svCyJPATG8pgnZsSpVT1...
aj1431.online/ Frame DFC6 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z90lKdJQ6c_EcxK3nd1ey1hsUpOqhx6Yz3vX_rtWuJTGRzkGmI8fVi8ORnsH2pyM140IyLvQbG4e54yuRotSOaYt_etzNMhmhCinSkQNkfKRknKgj9wa1ye85-Xvq8NNeaNCPN6lax2Z99Pi4AytDKXXukfF-0kOd8_0519Gsi7EJfpj9svCyJPATG8pgnZsSpVT1x_hlYjp6C8KnH66EMaPAwiiB4tljMewRPt84Dyoc1OFdW_uRqBNO_G1Z27--VypNKwO3_FtEFk2kh88sltTrLJnPs3Bwx9BzqLEbEL_0UoXUKJoZn2_ISxNO-DyI_cg?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zSYJjW8eLawto-ZJkY4h0QT8M_NRDw_Oqugb8aNSrVFWrBw50RQAty7JAZuAl10HEoaxQM60PADQ1_RCnDTQx26a3Yb39djEEXlpf2dWkwPUpaPZFLFMittBk6tAWpCC3foOQUcp4Lj1CnPhp91E6NQHmjSP9MjwK8EYKpHncs_-EW5IqhRQKdErLow6KWbctEQp7...
aj1431.online/ 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zSYJjW8eLawto-ZJkY4h0QT8M_NRDw_Oqugb8aNSrVFWrBw50RQAty7JAZuAl10HEoaxQM60PADQ1_RCnDTQx26a3Yb39djEEXlpf2dWkwPUpaPZFLFMittBk6tAWpCC3foOQUcp4Lj1CnPhp91E6NQHmjSP9MjwK8EYKpHncs_-EW5IqhRQKdErLow6KWbctEQp7574xSMqeecK7pEkXywwWFwLhFRPOIqRh6l7CpYa2LQNDwuQ0L7Wa5MYBBJvc0gynl6do_srcxWG3yoUyTgA5IDio63tL39BnJ5gLJ8OdOh2DMdQ1dAofHFdEHxMN5aih?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zAKvR0Y6oICCWXNRlwW-0DAanfsY5p6iunPSBDD8gaYC2-t1bmfH4IJnXfQVUd_I9CIExDS_-IPd6jUetAaeqpAjhTFxCA5R-ocB5i0ioCBOLlZrH_vRfuigouag32J9s2mR3jUETCc4xM0ap-vo_h8n7FXqVTsM9rmOgOj-b-uNbDBbRm9ZbiEvbC3w7FekvweTr...
aj1431.online/ Frame D90A 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zAKvR0Y6oICCWXNRlwW-0DAanfsY5p6iunPSBDD8gaYC2-t1bmfH4IJnXfQVUd_I9CIExDS_-IPd6jUetAaeqpAjhTFxCA5R-ocB5i0ioCBOLlZrH_vRfuigouag32J9s2mR3jUETCc4xM0ap-vo_h8n7FXqVTsM9rmOgOj-b-uNbDBbRm9ZbiEvbC3w7FekvweTrUuFGNhjsL1SeQ64_JGQwlhKivVTkdtoRS9zXJr8zFFdJ1ZkPtpAOOgTq4yhb29kpQpjJyuJd7rMvwbau-E59efqcguquTKT4SZ7qp3yB0uhu2CtmHHC8wrbm4VahX5Q?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zt1TNtcAfNaRTKdGGI1hCE_kry_v_XbblMKCKa_XTBUdEle-KnOZ3u69H5R9TrpCC7azoI3fbjvrDIYMG0btOio5tr3Re7m9woJxBANKGOcTVfhSAPwRiadijka_jE3-HLLyPGjUr5Kg9mpzSSDeBjF4x5MnapT0ul5NzjkiGV2gH3vKSWwG2SXm09kZ1PiHQO5ls...
aj1431.online/ Frame 35A5 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zt1TNtcAfNaRTKdGGI1hCE_kry_v_XbblMKCKa_XTBUdEle-KnOZ3u69H5R9TrpCC7azoI3fbjvrDIYMG0btOio5tr3Re7m9woJxBANKGOcTVfhSAPwRiadijka_jE3-HLLyPGjUr5Kg9mpzSSDeBjF4x5MnapT0ul5NzjkiGV2gH3vKSWwG2SXm09kZ1PiHQO5lsRCyujFMhnuR_cwVl_07iNuhX1ZXb1ztmnB76sxMf4ElIoRiXEYtq0rPprNpSV_LoJCat0t2oVRZdkJBD_OadBHawcBZQP5W2FmOdfv0gIh1DoxnzmjABzMwvyJUj7E7y?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/616/s1.adform.net/ Frame 1023 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=30003420;rtbwp=E8D101A06DABF8C6;rtbdata=Ss331fw3S0vEJ6vUcGTVw1gB6W7PlFNB0ECw4osRbNB2_-0LrrMYXwAAZWIyjCv9Aqgz7zBa4EczbdwHtUVNgx9566KZAOfMSK2u8iYY4B9kiofayaCvJsfAXsimfjEjikSyMY6XAlzS67MZA6DIWCWqzgCXGRkUIyZgZNls97hZpidVpUlTTgF0e3PazgsBb3n0FJSWhHcvMlz0zr4mruPIqFIep5u2KYn8hTqZDzKO_0jI-T8xWukxya-8proW0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/151f36d8-26c0-454a-9401-7cb2905b3f46/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
502e784680ea81bacfd9a704f8f60ca837dae880ef617ed60a3dd125daf56bc7

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2019 12:21:22 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Thu, 16 May 2019 22:20:16 GMT
z-IcjiDQLWdh_JThzWLfdc2TPdszC8nKLauXBBeuPt1xXYYyOrV8tkKv-mKFusJ_jwJ1e6MMBOEAMSsZIcSb_wZuL5iOY-PhXd6XLk8MQvnPaEmVZYnfsaF5euNkfmBeti4mA1ySAjr5KQToy-9C0qu09X4kfO8mDX0q8zKuwbMk0XOMVRZl9WdOAFXxqpI30fk6V...
aj1431.online/ Frame 85B5 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z-IcjiDQLWdh_JThzWLfdc2TPdszC8nKLauXBBeuPt1xXYYyOrV8tkKv-mKFusJ_jwJ1e6MMBOEAMSsZIcSb_wZuL5iOY-PhXd6XLk8MQvnPaEmVZYnfsaF5euNkfmBeti4mA1ySAjr5KQToy-9C0qu09X4kfO8mDX0q8zKuwbMk0XOMVRZl9WdOAFXxqpI30fk6VUTElROJ6P_ouDiBJVbxUyDgPO-wUeR7cPTCR_gi4F6wfHEeZWWpxsI4ymFvRHc-u9mSU7Xtv8BqyDop7EtTNK0OQebZugYDVGYfaxJomMtW40v3TGD34Pwrq1Ta86M_h?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zqZpiD2_SivSqYaLlY7UfC7Tt--AwHWyLpU9sLGjj_JVNRJQna_m96OlO4xHbCZhkg1i_vr0jIpIT68z4FAw5CBLIU5UaKO5l_-PN56pUw-2VHqMXo_iBsisNTTxqZLJ9dKKDeVKS658rJLP6ldjY2gj4W1lKCW4oDB3fsJEtWGX8s6hVCTLQwAAlaz2Tu4N2Fyxu...
aj1431.online/ Frame E403 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zqZpiD2_SivSqYaLlY7UfC7Tt--AwHWyLpU9sLGjj_JVNRJQna_m96OlO4xHbCZhkg1i_vr0jIpIT68z4FAw5CBLIU5UaKO5l_-PN56pUw-2VHqMXo_iBsisNTTxqZLJ9dKKDeVKS658rJLP6ldjY2gj4W1lKCW4oDB3fsJEtWGX8s6hVCTLQwAAlaz2Tu4N2FyxuCpvKpjwvqyTNbJBHnH1WbH4903rc3uDsdM1AajMWoTLQszTNQ8d3iq1UB2q5LKE5xGopE6skf5JXu1u3XY5Gs703m0fwUf_NyDXAqSTXYJ9jPkhwL0yBocRDiCdhmTCP?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
z-jBZz2psk0FijCilOW1HTPSCnIY0TvzvvDVitHTCYFJfNFBnpxZIkXleXjl4OBq3NoD25_-MjfRdL79IxtwtVRWcMNSpyt5cQqrRBqaUjO-c70ndTUfHCA_sUY7cQtjlw1isrk3NkvQlnze5YQ-ai5YjXPblwdUvAOZ8HDSC8S5wrKPs7W662E25xfA5AlTu2GZm...
aj1431.online/ Frame 7373 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z-jBZz2psk0FijCilOW1HTPSCnIY0TvzvvDVitHTCYFJfNFBnpxZIkXleXjl4OBq3NoD25_-MjfRdL79IxtwtVRWcMNSpyt5cQqrRBqaUjO-c70ndTUfHCA_sUY7cQtjlw1isrk3NkvQlnze5YQ-ai5YjXPblwdUvAOZ8HDSC8S5wrKPs7W662E25xfA5AlTu2GZmHBd0oCtdaehDTYKIXwgkARdXN8RrvIpkCGA0oasvzRPB0w2QbIosgAyMbxaNQJZKyhu1FURQUO8Xjx3BOcrmS7BfCOCDXVv0MAt4qjrZyoHgIa3G_OSfnbnM7-3SHDg?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zgJf8X3r2n4sLM9OeZxQeRUt-jxvC4a614IMBghbBJw-h4OM8ftX3_YoAszWMnJOXSCwqLupD-EJaN_aCwploj3rWjPC4kUG5b1BUqjIkw4O1X_2g_7ayoMxztMa_-9FXUK3fjbILabQYlmIR10bgKWIuE9lcg2KcsYgQJCZfLuVj8PpzaaUGYUEjMfqEq3abbOUK...
aj1431.online/ Frame 5838 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zgJf8X3r2n4sLM9OeZxQeRUt-jxvC4a614IMBghbBJw-h4OM8ftX3_YoAszWMnJOXSCwqLupD-EJaN_aCwploj3rWjPC4kUG5b1BUqjIkw4O1X_2g_7ayoMxztMa_-9FXUK3fjbILabQYlmIR10bgKWIuE9lcg2KcsYgQJCZfLuVj8PpzaaUGYUEjMfqEq3abbOUKaD36SemVfxuQpeN26BoRxdAUZe-2ah78PHr7H_wOh1GV27kvNI3O1Oy5ajrH0l3kwm8gRQ-N6mnmbSpzhXK7qs6pzxoCmC12JJe31-xGhpunJbWjQljjoQ_DqRdWLo6u?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
g9a459fg9pvb
hal9000.redintelligence.net/zone/ Frame 359A 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/g9a459fg9pvb?subid=&rnd=3426348218384851329&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.39.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.39.243.136.clients.your-server.de
Software
Apache /
Resource Hash
15d8e4f71f20bd314602d33a14144e4c5fcd712425bf11c1251e057ff7176c95

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2815
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 359A 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=3426348218384851329&v3=651871&v4=4562355&v5=6622470&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvWmpZM056YzBNekF0TWpVNVpDMWlOVE5qTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM0MjYzNDgyMTgzODQ4NTEzMjkvNjYyMjQ3MC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVITXlrODJIMFI0T0Y5MDlQZEUzbkswOC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zNDI2MzQ4MjE4Mzg0ODUxMzI5L2Ftcy8wLzI4MDkvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/2p89HkUrl-0KMdOJJ8EJgmW8Dto&nodeid=702&auctionid=3426348218384851329&exch=ruc&sid=4562355&cid=6622470&price=8C8F7C280920394B&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1047 bd25af8 master zrh-pixel-x20 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Server
MT3 1047 bd25af8 master zrh-pixel-x20
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 15 May 2019 18:37:53 GMT
img
tags.mathtag.com/event/ Frame 359A 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=3426348218384851329&st=4562355&time=1557945474
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvWmpZM056YzBNekF0TWpVNVpDMWlOVE5qTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM0MjYzNDgyMTgzODQ4NTEzMjkvNjYyMjQ3MC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVITXlrODJIMFI0T0Y5MDlQZEUzbkswOC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zNDI2MzQ4MjE4Mzg0ODUxMzI5L2Ftcy8wLzI4MDkvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/2p89HkUrl-0KMdOJJ8EJgmW8Dto&nodeid=702&auctionid=3426348218384851329&exch=ruc&sid=4562355&cid=6622470&price=8C8F7C280920394B&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.144.3 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Server
MMBD/3.144.3
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x36, zrh-bidder-x60
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 15 May 2019 18:37:53 GMT
zJGCSvOkvQQwUbbrnK3uhJ_zVJNnQ3P3BBnGD_XnjCxlytTOjsyhrD6DZF0X-6JAtdlOrOlHtNCCruFMPkBZ-4Zq7u_0R3wPOiMagYMyvnUqd3RU27NML5e3_XQF5cqNpPHunReL8VIN-_tqUfQHWzYzt9gxSs0uXxjiSRz5nOXmOSL7fj6tIxzuNnipt8Zkgi8O5...
aj1431.online/ Frame C9FE 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zJGCSvOkvQQwUbbrnK3uhJ_zVJNnQ3P3BBnGD_XnjCxlytTOjsyhrD6DZF0X-6JAtdlOrOlHtNCCruFMPkBZ-4Zq7u_0R3wPOiMagYMyvnUqd3RU27NML5e3_XQF5cqNpPHunReL8VIN-_tqUfQHWzYzt9gxSs0uXxjiSRz5nOXmOSL7fj6tIxzuNnipt8Zkgi8O5AUBNjfW8v7VHybpqCeEP8cmCXABvu4HLoHD1dVpl7vTOsugYEwPLvIraf8cs0hVVa3dVeznaA3Yo2Poh5Ign4zIdB7MCZAsKQfigvaUaoPjain_Oh2ZL6lDrfR2vpCo?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zm7nTb05yPygr0wznsHHNFJjWK5f0a7Zj42j-Kfw2LFlncxAecTGRlARYFvhUwEv_zOQT-yFCDSaO6bfBS8j8UyMeMAi1tGLdE7Dd9h8E7KpMn6e6eVxUSPHZ8ItXbIJUt3OxY6o8-O0ed4gVZFNafTv_CWN2wTQxQ1WbnU9uTndfC3jwNqtgKsC32FtzjjcFEHfi...
aj1431.online/ Frame 1A60 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zm7nTb05yPygr0wznsHHNFJjWK5f0a7Zj42j-Kfw2LFlncxAecTGRlARYFvhUwEv_zOQT-yFCDSaO6bfBS8j8UyMeMAi1tGLdE7Dd9h8E7KpMn6e6eVxUSPHZ8ItXbIJUt3OxY6o8-O0ed4gVZFNafTv_CWN2wTQxQ1WbnU9uTndfC3jwNqtgKsC32FtzjjcFEHfirg4cycW5Ijq_zdJN-W5oycK4T6M3AOF4muAnxeg8V_wYlK0ENOood-sYD4Yre_OZQCrhxdnGfgbpyLPazAQaul2X_CHop28njpg6rWeKL_WrQbkr5i_Wg8wqcFjiqsc?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:53 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zLcvfPmDqYUMMDhftIpRsbFnvycqAWD3xT1yhcipGEkJerG6Ly25YFect8MDEw4uduNAjD4r8rg68LfFLOLFWfVVwywLsFW6qOrWEMzSAACaZvyi1moVeAbCTh92mAnrWnk8yMJwtBoMYTQMYik8g5eO_81Q6Gbso1hNOQjppi5HMvHFhrpVMcO9Rf8H3dfA2IJHT...
aj1431.online/ Frame 435E 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zLcvfPmDqYUMMDhftIpRsbFnvycqAWD3xT1yhcipGEkJerG6Ly25YFect8MDEw4uduNAjD4r8rg68LfFLOLFWfVVwywLsFW6qOrWEMzSAACaZvyi1moVeAbCTh92mAnrWnk8yMJwtBoMYTQMYik8g5eO_81Q6Gbso1hNOQjppi5HMvHFhrpVMcO9Rf8H3dfA2IJHTXC71mU4UeKugXZxC_lfcXTMiPh6wHKUHjQc6x9T6UOetcEZb4D1y_4768o9SBoH4bMFiS7YbuMHNZOs36FLA9qmKzqtIgOjYDiMXQkjWRHvgMenmuRB-tnwYydkAbz0?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:54 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zyvWmf7kpH9InEahXejUMnUxFSPVykbIdvFSlve--UVKSwyxIR1TFPXd-qtpGvCCDhzaG1o1OCucnuTUgv40HWLAKnL5_W2g2wELN10s1kYII4HzXADrN86rLE47ddBgE3nNS58eFe_k7nrUBVcuinV597N-ozz5Hqu5jJHO3mZMg_oqP-Etappc5Xn4nlCDIKlvq...
aj1431.online/ Frame 8AA9 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zyvWmf7kpH9InEahXejUMnUxFSPVykbIdvFSlve--UVKSwyxIR1TFPXd-qtpGvCCDhzaG1o1OCucnuTUgv40HWLAKnL5_W2g2wELN10s1kYII4HzXADrN86rLE47ddBgE3nNS58eFe_k7nrUBVcuinV597N-ozz5Hqu5jJHO3mZMg_oqP-Etappc5Xn4nlCDIKlvqBO1SglaE7vd9X1AwMUQtDe8HKvdaecotjfrZVlhoCqCc2CP1gfk3esflqn6zoCXFxfKO7qc8vKD3u1lFyeEFXIxqWD1Bu9dqUr_aC7f0cpDW8rw61giQMJ3bqAZrgWZA?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.88.224.28 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:54 GMT
Last-Modified
Thu, 11 Apr 2019 10:28:12 GMT
ETag
W/"49-1554978492000"
P3P
CP="CAO PSA OUR"
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dap2i2xhbauc
hal9000.redintelligence.net/zone/ Frame 025D 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/dap2i2xhbauc?subid=&rnd=5630670867653403009&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.51.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.216.51.243.136.clients.your-server.de
Software
Apache /
Resource Hash
0f202d4a8de51b21f4cbf29e00bcd0e50c748a3621cfff71b619880aedca6f13

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2815
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
dvtp_src.js
cdn.doubleverify.com/ Frame 025D 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=499507&cmp=DV119194&sid=17306&plc=sampletag&num=&adid=&advid=3819603&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src&DVP_IS_SAMPLE=1&DVP_PP_REP=1&DVP_IQM_ID=10&DVPX_PP_IMP_ID=5630670867653403009&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_DEAL_ID=&DVP_PP_APP_ID=&DVP_MM_1=216536&DVP_MM_2=651871&DVP_MM_3=4562355&DVP_MM_4=6622478&DVP_MM_5=ruc&DVP_MM_6=9&DVP_MM_7=12398&DVP_MM_8=59924&DVP_MM_9=&turl=https%3A//www.gazetaexpress.com/
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvTXpOaFltTTJNak10TkRjek5TMHpZMlUzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzU2MzA2NzA4Njc2NTM0MDMwMDkvNjYyMjQ3OC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVIQU5maUhtVi03Y09TSk1UVzk3aU14MC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81NjMwNjcwODY3NjUzNDAzMDA5L3pyaC8wLzI4MDcvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/Rq3qWgW5WvArY2kOUEU729vxuEg&nodeid=1336&auctionid=5630670867653403009&exch=ruc&sid=4562355&cid=6622478&price=70799B816A06AC92&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.248.82 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-82.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6b2b9c17d2eb30c7b2a2e233594397f03fd377e953a04e0f0d180ffffb59fcf0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 11:06:24 GMT
Server
Microsoft-IIS/10.0
ETag
"07817e77b9d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=42145
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5085
img
pixel.mathtag.com/event/ Frame 025D 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=5630670867653403009&v3=651871&v4=4562355&v5=6622478&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvTXpOaFltTTJNak10TkRjek5TMHpZMlUzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzU2MzA2NzA4Njc2NTM0MDMwMDkvNjYyMjQ3OC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVIQU5maUhtVi03Y09TSk1UVzk3aU14MC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81NjMwNjcwODY3NjUzNDAzMDA5L3pyaC8wLzI4MDcvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/Rq3qWgW5WvArY2kOUEU729vxuEg&nodeid=1336&auctionid=5630670867653403009&exch=ruc&sid=4562355&cid=6622478&price=70799B816A06AC92&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1047 bd25af8 master zrh-pixel-x20 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Server
MT3 1047 bd25af8 master zrh-pixel-x20
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 15 May 2019 18:37:53 GMT
img
tags.mathtag.com/event/ Frame 025D 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=5630670867653403009&st=4562355&time=1557945474
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzE5LyAvTXpOaFltTTJNak10TkRjek5TMHpZMlUzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzU2MzA2NzA4Njc2NTM0MDMwMDkvNjYyMjQ3OC80NTYyMzU1LzkvbjFEREVMWWZrUDRfRVJCT2s4dVVIQU5maUhtVi03Y09TSk1UVzk3aU14MC8xLzkvMC8wLzk1NjgwMy8xMzk4ODcxODI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81NjMwNjcwODY3NjUzNDAzMDA5L3pyaC8wLzI4MDcvODUvOTk5LzgvODMuOTcuMjMuMC8wLjAwMC8/Rq3qWgW5WvArY2kOUEU729vxuEg&nodeid=1336&auctionid=5630670867653403009&exch=ruc&sid=4562355&cid=6622478&price=70799B816A06AC92&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aeiaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.144.3 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:54 GMT
Server
MMBD/3.144.3
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x27, cdg-bidder-x78
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 15 May 2019 18:37:53 GMT
/
track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame 1023 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY1vSiwxEZjwVmsVoCwOOneNufuyPBDjaY2ftckuyPB884akHGOg4BPMg3kOFkxZrN.S9RdPQSzOy_Aw7UTlf_01kKHoNvdNNNBRJlmX6QSs6uOMtVyxYMJ5tFFg4K1kl1BNlY6RjJNlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.914Nc0FAKXV4jMk..CE/adfserve/?CC=1&bn=30003420;rtbwp=E8D101A06DABF8C6;rtbdata=Ss331fw3S0vEJ6vUcGTVw1gB6W7PlFNB0ECw4osRbNB2_-0LrrMYXwAAZWIyjCv9Aqgz7zBa4EczbdwHtUVNgx9566KZAOfMSK2u8iYY4B9kiofayaCvJsfAXsimfjEjikSyMY6XAlzS67MZA6DIWCWqzgCXGRkUIyZgZNls97hZpidVpUlTTgF0e3PazgsBb3n0FJSWhHcvMlz0zr4mruPIqFIep5u2KYn8hTqZDzKO_0jI-T8xWukxya-8proW0;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f151f36d8-26c0-454a-9401-7cb2905b3f46%2f;js=1;adfxid=1x;7032;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0;fd=0|15&CREFURL=https%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dcff3e2be255c039c6d45cb55c9769feeae5585a284b19e827ed19d11ddf9b35

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
3386
expires
-1
/
www.facebook.com/tr/ Frame E60A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2149
pragma
no-cache
cache-control
no-cache
origin
https://www.gazetaexpress.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
cookie
fr=0L01jAKRiGqscEER2..Bc3FyB...1.0.Bc3FyB.
Origin
https://www.gazetaexpress.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Wed, 15 May 2019 18:37:54 GMT
usync.html
eus.rubiconproject.com/ Frame 155B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.171.127 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-171-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhLqCtgCFRTpP3Ow5zwYWQP2OPQMSdY7Plho/RRR2s2jWpYWaqeROXM3r9QV20o10JuQw19gMkasvdREJwzG6qEKRdPaKTS6LHM16WA9Sa+kU0eEDxov4=; ses9=59924^1; vis9=59924^1; khaos=JVPKICKQ-1H-I6UX; ses15=59924^1; vis15=59924^1; audit=1|8Ot/W2o3ZJHptNWKONwN9HJJndKLdNyPcJUMmGMI2yp0neah8w8kl1wVY01leCvm3qm17Qju97IO4a095QQWnP0p6XpNoJVt3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Tue, 07 May 2019 18:54:29 GMT
Content-Encoding
gzip
Content-Length
7450
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=66262
Expires
Thu, 16 May 2019 13:02:17 GMT
Date
Wed, 15 May 2019 18:37:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame 1023 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96bf1ac743386800f218cee1b48949f32146838af63ae2db83c45ade062861c5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal900010.redintelligence.net/ Frame 359A
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=4334637776880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.51.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.51.243.136.clients.your-server.de
Software
Apache /
Resource Hash
372d9c567e991c67df639258616d2bde96080e3a1c823643c10384295b1f18a9

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
69956000199412700951459010864010
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1229
Expires
Wed, 15 May 2019 19:37:54 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:54 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=4334637776880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 15 May 2019 19:37:54 +0200
Standard
s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/ Frame 1023 		89 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e4b9d94b385fe82b60c6c742cf9a765e367aff9f8ccc23858f9f5cb9856d6053

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2019 12:21:22 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Thu, 16 May 2019 21:35:14 GMT
request.php
hal900030.redintelligence.net/ Frame 025D
Redirect Chain
  • https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=7705974497410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.40.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.40.243.136.clients.your-server.de
Software
Apache /
Resource Hash
ef7bb7ba9103f1f41794ea664902f24c09fe68569802bcc6834ae1957f33061f

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
86603400253640500951453010864030
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1232
Expires
Wed, 15 May 2019 19:37:55 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:55 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=7705974497410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 15 May 2019 19:37:55 +0200
/
track.adform.net/csimpr/ Frame 1023 		35 B
419 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=30003420&csi=1pnJV2UjYeLdJenJxbrACKuoSty8a9FnJ6-73gzw00Ycz_u0ioO6ty7cS_nCueW7nhRGWB6XazJxQpIh-fwfngZZbh2UrBOVkXTsvuSYbdxqKUb7f9yO2-kXxPdTkxyH0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:54 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
6086410.js
s1.adform.net/Banners/Elements/Files/255033/6086410/ Frame 603B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/255033/6086410/6086410.js?ADFassetID=6086410&bv=513
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9ad51daa3adb7709558edc3356c3506a7c1ff5a402b0a5c8bcaaf890c9387670
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Fri, 08 Feb 2019 16:08:53 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c5da995-758"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript
index.css
s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/ Frame 603B 		26 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/index.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
de4414ec5e246b67afdeca511e0bbc49e44a03a5e94392652aedd0499d4a078b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Fri, 08 Feb 2019 16:08:52 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c5da994-667c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/css
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 603B 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=616
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Thu, 10 Jan 2019 11:50:18 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c37317a-7694"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.FlexGallery-1.js
s1.adform.net/banners/scripts/components/ Frame 603B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/Adform.FlexGallery-1.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9b6db9fa9496af49f62411e9f34276419859821a07655f975f8e513f0020379e

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Fri, 03 May 2019 13:08:30 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5ccc3d4e-5afb"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript
css
fonts.googleapis.com/ Frame 603B 		795 B
457 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b6d0545dc5ec9f70c4f7922cf706d8830b9df026138c4bfbeb47d01be3938721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 May 2019 18:37:54 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 15 May 2019 18:37:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 15 May 2019 18:37:54 GMT
Adform.Styles-1.css
s1.adform.net/banners/scripts/components/styles/ Frame 603B 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/styles/Adform.Styles-1.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
630d20fbfbc0433e2664f743d78cb919870f0ecf8c923d7a1d1bd95f8e03c311

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Fri, 03 May 2019 13:08:30 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5ccc3d4e-1557"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/css
index.js
s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/ Frame 603B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/index.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/load/v/0.0.171/e/.wSBgkg/i/8IG-xAAAACgAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62ef5b85c81a23b0d1381dbab4ebff5aceb23073736305b99fb2bb81ba7b0844
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Fri, 08 Feb 2019 16:08:53 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c5da995-1b8c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.FlexGallery-1.css
s1.adform.net/banners/scripts/components/styles/ Frame 603B 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/components/styles/Adform.FlexGallery-1.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/components/Adform.FlexGallery-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45a96d79c3d1efb7e227b4a23d40a3184e69296a4aa1563de5b5ec9179a3d6ef

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
content-encoding
gzip
last-modified
Fri, 03 May 2019 13:08:30 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5ccc3d4e-d3a"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/css
truncated
/ Frame 603B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1597c36ceb02007f2973e75215c4e932893f828366047c7a864e427da868e065

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 603B 		967 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
903196df3ae718ef2e940c76e98aa0cbfc77873ce5458f1af7084ca4ed232da6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 603B 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e407dd2e725c1938a2b93c5f5c2a4a24100f3f3d1c79d70e83f06ee36f5c6cca

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 603B 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a80b0a35e87ff5b0dad203e15ca0d6d7879db4001a13d460ec451f155c5ff13

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v13/ Frame 603B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v13/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:700
Origin
https://www.gazetaexpress.com

Response headers

date
Mon, 25 Mar 2019 20:23:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:34 GMT
server
sffe
age
4400043
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13228
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:23:51 GMT
onepixel.gif
ad.zanox.com/ppv/images/ Frame A0A3
Redirect Chain
  • https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=69956000199412700951459010864010
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dt_subid2=&actionid=879111&produ...
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dyn_id=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dyn_id=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=4334637776880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
ad.zanox.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
zttpvc=5C253411S2563813097102330883T0II5C20974S2563813097106525184T0II45475836C0SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883; zptpvc=5C253411S2563813097102330883T0II5C20974S2563813097106525184T0II45475836C0SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Content-Type
image/gif
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Accept-Ranges
bytes
ETag
"09764d4eab5bf1:0"
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Date
Wed, 15 May 2019 18:37:55 GMT
Content-Length
43
Via
10.30.0.111%1
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 15 May 2019 08:37:55 GMT
Location
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq96757458113092945753827034434265yb5yb7T2563813096292744197&dyn_id=
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=h0okytvyxftydwd0sjch0pph; path=/; HttpOnly DTU=1FD9B2F3E9077F1220C03B954F3016B4; expires=Sat, 15-May-2021 18:37:55 GMT; path=/
P3P
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Wed, 15 May 2019 18:37:54 GMT
Content-Length
0
view.asp
banners.webmasterplan.com/ Frame 359A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=69956000199412700951459010864010&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=g9a459fg9pvb&nw=20&renderingType=javascript&namespace=043a8f39da&subid=&uid=977c2a5cf9effac1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3426348218384851329%26mt_id%3D6622470%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Dd0005cdc-5c82-4c1e-b219-9bf979d16408%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fc48dde8d-0224-42f5-88d9-18b5a920fcaf%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=4334637776880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
01d422e245d7a930136189de703b3ab6c7803f191ae0ea98721d952e31b8e96a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:54 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP="STP CUR OUR"
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
application/x-javascript; charset=utf-8
Content-Length
722
Expires
0
onepixel.gif
ad.zanox.com/ppv/images/ Frame 359A
Redirect Chain
  • https://ad.zanox.com/ppv/?45475836C666538628&zpar0=69956000199412700951459010864010
  • https://ad.zanox.com/ppv/images/onepixel.gif
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:56 GMT
Via
10.30.0.113%1
ETag
"09764d4eab5bf1:0"
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:55 GMT
Via
10.30.2.80%1
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
Location
https://ad.zanox.com/ppv/images/onepixel.gif
Cache-Control
no-store
Connection
close
Content-Length
0
jobs-at-zanox
https://www.zanox.com/jobs/international
5831965.jpg
s1.adform.net/banners/Elements/Files/255033/ Frame 603B
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/255033/5831965.jpg?assetID=5831965&av=1
  • https://s1.adform.net/banners/Elements/Files/255033/5831965.jpg?assetID=5831965&av=1?assetID=5831965&av=1
19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/255033/5831965.jpg?assetID=5831965&av=1?assetID=5831965&av=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
28332d4988a5c14eae80b430861c845e4c27560dedbd2ac25d99a73b5f16e375
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
last-modified
Wed, 21 Nov 2018 14:21:37 GMT
server
nginx
access-control-allow-origin
*
etag
"5bf569f1-4dd9"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
19929

Redirect headers

status
302
date
Wed, 15 May 2019 18:37:54 GMT
server
nginx
location
https://s1.adform.net/banners/Elements/Files/255033/5831965.jpg?assetID=5831965&av=1?assetID=5831965&av=1
content-type
text/html
5803807.jpg
s1.adform.net/banners/Elements/Files/255033/ Frame 603B
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/255033/5803807.jpg?assetID=5803807&av=1
  • https://s1.adform.net/banners/Elements/Files/255033/5803807.jpg?assetID=5803807&av=1?assetID=5803807&av=1
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/255033/5803807.jpg?assetID=5803807&av=1?assetID=5803807&av=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
563d4b60ea74bfc6c122c6cde135beaedf430b37b1dc087794c6d9db7a9a6ac2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
last-modified
Thu, 15 Nov 2018 14:35:07 GMT
server
nginx
access-control-allow-origin
*
etag
"5bed841b-4ad6"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
19158

Redirect headers

status
302
date
Wed, 15 May 2019 18:37:54 GMT
server
nginx
location
https://s1.adform.net/banners/Elements/Files/255033/5803807.jpg?assetID=5803807&av=1?assetID=5803807&av=1
content-type
text/html
6085645.jpg
s1.adform.net/banners/Elements/Files/255033/ Frame 603B
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/255033/6085645.jpg?assetID=6085645&av=1
  • https://s1.adform.net/banners/Elements/Files/255033/6085645.jpg?assetID=6085645&av=1?assetID=6085645&av=1
14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/255033/6085645.jpg?assetID=6085645&av=1?assetID=6085645&av=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
44a9d3f6b779c3ed39fb81c652f9291226a0ba0e1286f56b49f8bd5843cb864a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
last-modified
Tue, 05 Feb 2019 11:36:02 GMT
server
nginx
access-control-allow-origin
*
etag
"5c597522-39d0"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
14800

Redirect headers

status
302
date
Wed, 15 May 2019 18:37:54 GMT
server
nginx
location
https://s1.adform.net/banners/Elements/Files/255033/6085645.jpg?assetID=6085645&av=1?assetID=6085645&av=1
content-type
text/html
5803798.jpg
s1.adform.net/banners/Elements/Files/255033/ Frame 603B
Redirect Chain
  • https://track.adform.net/banners/Elements/Files/255033/5803798.jpg?assetID=5803798&av=1
  • https://s1.adform.net/banners/Elements/Files/255033/5803798.jpg?assetID=5803798&av=1?assetID=5803798&av=1
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/banners/Elements/Files/255033/5803798.jpg?assetID=5803798&av=1?assetID=5803798&av=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
993a4aebbd4266ef8e397489ed20977eeda8ef519ed76c386ad685a72150b814
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 18:37:54 GMT
last-modified
Thu, 15 Nov 2018 14:35:07 GMT
server
nginx
access-control-allow-origin
*
etag
"5bed841b-5a28"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
23080

Redirect headers

status
302
date
Wed, 15 May 2019 18:37:54 GMT
server
nginx
location
https://s1.adform.net/banners/Elements/Files/255033/5803798.jpg?assetID=5803798&av=1?assetID=5803798&av=1
content-type
text/html
adform.woff
s1.adform.net/Banners/Scripts/assets/fonts/ Frame 603B 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Scripts/assets/fonts/adform.woff
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/255033/6086410/bvpath_513/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2deb0a535ddbac8644c6696de0236fdc73fb168f572745c4139f5a4c8cde7b98

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://s1.adform.net/banners/scripts/components/styles/Adform.Styles-1.css
Origin
https://www.gazetaexpress.com

Response headers

date
Wed, 15 May 2019 18:37:57 GMT
last-modified
Tue, 16 Aug 2016 07:50:20 GMT
server
nginx
access-control-allow-origin
*
etag
"57b2c5bc-6b8"
x-cache-status
HIT
content-type
application/font-woff
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
1720
truncated
/ Frame 603B 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8134010f00b4c653082dc83d7a0f41f1e5be0ee703b223a2ea176a5dc1d3c14f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.gazetaexpress.com

Response headers

Content-Type
font/woff
/
track.adform.net/Serving/Event/ Frame 1023 		35 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=30003420&event=3&time=0&banner=31145536&asset=6086410&name=Banner%20is%20visible&imprid=4258094457637731539&icid=-1585108757961464411&eData=1pnJV2UjYeKcmmXw6Fhv6Y62yvX7_22Nf3D9TnrwlrieFEZYHpdrMnFCkiH5_B-eBlluHZSsE5WRdOy-5Jht3I8ZNnbPQc_e0&rnd=529426630
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:54 GMT
server
nginx
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
pvdi.aspx
banners.webmasterplan.com/ Frame B2BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=69956000199412700951459010864010&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by
Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=69956000199412700951459010864010&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host
banners.webmasterplan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
affili_0=uid=ykanxpsbva2nptvmffzdedaw&date=2019-05-15T20:37:54; affili_4655pv=ref=203506&subid=69956000199412700951459010864010&date=2019-05-15&cltime=2019-05-15T20:37:54&linkType=1&linkNb=1249
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
P3P
CP="STP CUR OUR"
X-Powered-By
ASP.NET
Date
Wed, 15 May 2019 18:37:54 GMT
Content-Length
444
Cookie set cookie
banner.congstar.de/ Frame E319 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://banner.congstar.de/cookie?afid=203506-69956000199412700951459010864010&affmt=1&affmn=1249
Requested by
Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=69956000199412700951459010864010&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.214.124.106 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
h2491987.stratoserver.net
Software
/
Resource Hash

Request headers

Host
banner.congstar.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 15 May 2019 18:37:55 GMT
Set-Cookie
staticentry=%7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-69956000199412700951459010864010%22%2C%22affmt%22%3A%221%22%7D; Domain=.congstar.de; Expires=Wed, 22-May-2019 18:37:55 GMT; Path=/
Content-Length
0
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
B8594688.214760858;dc_pre=CJrOspWXnuICFYRx4AodEPgB6Q;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/ Frame 359A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CJrOspWXnuICFYRx4AodEPgB6Q;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;...
42 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CJrOspWXnuICFYRx4AodEPgB6Q;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CJrOspWXnuICFYRx4AodEPgB6Q;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link.html
track.webgains.com/ Frame 359A 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=69956000199412700951459010864010
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9052e0d75c441676edb636553726e6d23c04c580672876077ea61195b023aff5

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:56 GMT
Last-Modified
Wed, 15 May 2019 18:37:56 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1023 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5gI_r_ytx78f9p58nER6BgwfDDeZw5CFEsAi0uKKCkT6gNk2cVol_MGD_aI_jU3oVzU4p8-5q_ZboxOCprxw6WisVyQ2TItvbX92_1Tc&sig=Cg0ArKJSzBQ41p1_l3A_EAE&adk=4206218631&tt=-1&bs=1585%2C1200&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&p=225,143,825,303&mkm=1&mcvt=1062&rs=3&ht=0&tfs=625&tls=1687&mc=1&lte=1&bas=0&bac=0&avms=geo&md=2&rst=1557945473804&rpt=747&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C10588&ss=1600%2C1200&pt=-1&deb=1-3-3-12-15-44-66-13&tvt=1660&r=v&id=osdim&vs=4&uc=11&upc=0&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190513
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
onepixel.gif
ad.zanox.com/ppv/images/ Frame 5778
Redirect Chain
  • https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=86603400253640500951453010864030
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dt_subid2=&actionid=879111&produ...
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dyn_id=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dyn_id=
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=7705974497410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
ad.zanox.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
zttpvc=5C253411S2563813097102330883T0II5C20974S2563813097106525184T0II45475836C0SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883; zptpvc=5C253411S2563813097102330883T0II5C20974S2563813097106525184T0II45475836C0SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Content-Type
image/gif
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Accept-Ranges
bytes
ETag
"09764d4eab5bf1:0"
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Date
Wed, 15 May 2019 18:37:55 GMT
Content-Length
43
Via
10.30.0.111%1
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 15 May 2019 08:37:55 GMT
Location
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq21306858287120845753821034434275yb5yb7T2563813097102330883&dyn_id=
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=sf0iapi20mwz3jmcyzx1fo4q; path=/; HttpOnly DTU=FB343B64F05EFA1B301DE68E508FA429; expires=Sat, 15-May-2021 18:37:55 GMT; path=/
P3P
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Wed, 15 May 2019 18:37:54 GMT
Content-Length
0
view.asp
banners.webmasterplan.com/ Frame 025D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=86603400253640500951453010864030&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=faba57f34d&subid=&uid=0a9e745a790533ec&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5630670867653403009%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D0da25cdc-5c82-40eb-b9d3-1554070eb645%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F5f37e1c9-514a-485f-81ff-668eff6510fc%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=7705974497410&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bce452461b0ea7968dae20079b7c3bb031862ab16a516d1dd96d8e5582090d6a

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:55 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP="STP CUR OUR"
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
application/x-javascript; charset=utf-8
Content-Length
722
Expires
0
onepixel.gif
ad.zanox.com/ppv/images/ Frame 025D
Redirect Chain
  • https://ad.zanox.com/ppv/?45475836C666538628&zpar0=86603400253640500951453010864030
  • https://ad.zanox.com/ppv/images/onepixel.gif
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:55 GMT
Via
10.30.0.112%1
ETag
"09764d4eab5bf1:0"
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:55 GMT
Via
10.30.2.160%1
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
Location
https://ad.zanox.com/ppv/images/onepixel.gif
Cache-Control
no-store
Connection
close
Content-Length
0
jobs-at-zanox
https://www.zanox.com/jobs/international
pvdi.aspx
banners.webmasterplan.com/ Frame 591E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=86603400253640500951453010864030&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by
Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=86603400253640500951453010864030&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host
banners.webmasterplan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
affili_0=uid=pc3k4c1afjnvgjcynkxchzqh&date=2019-05-15T20:37:55; affili_4655pv=ref=203506&subid=86603400253640500951453010864030&date=2019-05-15&cltime=2019-05-15T20:37:55&linkType=1&linkNb=1249
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
4.0
X-AspNet-Version
4.0.30319
P3P
CP="STP CUR OUR"
X-Powered-By
ASP.NET
Date
Wed, 15 May 2019 18:37:55 GMT
Content-Length
444
Cookie set cookie
banner.congstar.de/ Frame 5D89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://banner.congstar.de/cookie?afid=203506-86603400253640500951453010864030&affmt=1&affmn=1249
Requested by
Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=86603400253640500951453010864030&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.214.124.106 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
h2491987.stratoserver.net
Software
/
Resource Hash

Request headers

Host
banner.congstar.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 15 May 2019 18:37:55 GMT
Set-Cookie
staticentry=%7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-86603400253640500951453010864030%22%2C%22affmt%22%3A%221%22%7D; Domain=.congstar.de; Expires=Wed, 22-May-2019 18:37:55 GMT; Path=/
Content-Length
0
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html
B8594688.214760858;dc_pre=CLPQspWXnuICFUiuewodk2AKGg;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/ Frame 025D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
  • https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CLPQspWXnuICFUiuewodk2AKGg;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;...
42 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CLPQspWXnuICFUiuewodk2AKGg;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CLPQspWXnuICFUiuewodk2AKGg;dc_trk_aid=413832474;dc_trk_cid=64219029;ord=%5Btimestamp%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link.html
track.webgains.com/ Frame 025D 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=86603400253640500951453010864030
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
42d253d262d6021586fd0b61108b59b28db2e337497e3ab06c4fc0bc81423ef1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:56 GMT
Last-Modified
Wed, 15 May 2019 18:37:56 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
track.adform.net/serving/unload/ Frame 1023 		35 B
419 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-1585108757961464411@@30003420,4258094457637731539,100|1197|0|0|0|0|0|0|0||60|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||11
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:56 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 1023 		35 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=30003420&event=178&time=2&banner=31145536&name=Viewable%20impressions&imprid=4258094457637731539&icid=-1585108757961464411&eData=1pnJV2UjYeKcmmXw6Fhv6Y62yvX7_22Nf3D9TnrwlrieFEZYHpdrMnFCkiH5_B-eBlluHZSsE5WRdOy-5Jht3I8ZNnbPQc_e0&rnd=460064582&rtbwp=E8D101A06DABF8C6&rtbdata=Ss331fw3S0vEJ6vUcGTVw1gB6W7PlFNB0ECw4osRbNB2_-0LrrMYXwAAZWIyjCv9Aqgz7zBa4EczbdwHtUVNgx9566KZAOfMSK2u8iYY4B9kiofayaCvJsfAXsimfjEjikSyMY6XAlzS67MZA6DIWCWqzgCXGRkUIyZgZNls97hZpidVpUlTTgF0e3PazgsBb3n0FJSWhHcvMlz0zr4mruPIqFIep5u2KYn8hTqZDzKO_0jI-T8xWukxya-8proW0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:56 GMT
server
nginx
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
clk.min.js
analytics.webgains.io/ Frame 359A 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/clk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=69956000199412700951459010864010
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:c200:9:352d:a240:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
564947a45c20467913c6655c817027ff96c4be9016f75486ff639595a39d7ac1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
5lAq7dc2rqJl3CRZUhKkc3qwyU7sl1D2
content-encoding
gzip
last-modified
Mon, 13 May 2019 09:03:57 GMT
server
AmazonS3
age
34435
date
Wed, 15 May 2019 09:04:10 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
Q0H6RK_OVYmKNd8LfewDM5-vGvNhJAHe3VpFJOZsebBaq0f64k30LQ==
via
1.1 852d9d8bb32e82e505d63b5dd4b1e6e1.cloudfront.net (CloudFront)
hit
diapi.webgains.com/2.0/ Frame 359A 		76 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=NOa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKseKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kks3hjC9TkBygjhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflJflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWk8QTPJxVOxOUPm8LKfAaZ4ySy.aPjftckirQjEItAz7Bi7C2U5LRuaDeyjaY2ftckuyPBDjaY1HGOg3ZLQ0I5_v0B5J1NFrN.S9RdPQSzOy_Aw7UTlf_01kKHoNvxQgB5D9NtG2hiw2xBfwkETlfe2Rc7L1eWNNW5BNlYiMfTjV.7tn&wgcookie=%7B%22wgifp12595%22%3A%5B%2299582%22%2C%2212595%22%2C%22723175%22%2C%22%22%2C%221557945476%22%2C%22https%253A%252F%252Fwww.gazetaexpress.com%252F%22%2C%22%22%2C%22%22%2C%221713465476%22%2C%2269956000199412700951459010864010%22%5D%7D&wgchecksum=bf21daa96a66ce9c2946dbd771da6bb9&userIP=83.97.23.20&doAffectv=1&wgtime=1557945476
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=69956000199412700951459010864010
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.12.250 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-12-250.servers.dedipower.net
Software
Apache /
Resource Hash
f128afe52bebb537395a1f6a724c9d93cba380ef73d4d694bc1fa73dd1ad307d

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 May 2019 18:37:56 GMT
Server
Apache
Connection
close
Content-Length
76
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 359A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=82094800226046200951421010864040&wglinkid=723175
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:56 GMT
Last-Modified
Wed, 15 May 2019 18:37:56 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2727
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312
8019191.fls.doubleclick.net/ Frame 42FD
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312?
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8019191.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkyVifRuy9eqEtQgH6q1w4gwYxQPshsvw3xYZ2OZZ-y7rsOGZs8T9FHI5qE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 15 May 2019 18:37:56 GMT
expires
Wed, 15 May 2019 18:37:56 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 15 May 2019 18:37:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CL7nypWXnuICFUO9dwodsIcMXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3580819207339.312?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
request_content.php
hal900010.redintelligence.net/ Frame 1912 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=69956000199412700951459010864010&a=69689ce6
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.51.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.51.243.136.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal900010.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=d5a91eb7f3fa35d6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 15 May 2019 18:37:57 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 15 May 2019 19:37:57 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1331
Connection
close
Content-Type
text/html; charset=utf-8
id.js
mathid.mathtag.com/device/ Frame 359A 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mathid.mathtag.com/device/id.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.135.48 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
/ Express
Resource Hash
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:57 GMT
Content-Encoding
gzip
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
X-MM-Host
cdg-mathid-x1
Connection
keep-alive
Access-Control-Allow-Headers
Content-type, X-Optout
Keep-Alive
timeout=360
Expires
Wed, 15 May 2019 19:37:57 GMT
usync.html
eus.rubiconproject.com/ Frame B1E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.171.127 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-171-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Tue, 07 May 2019 18:54:29 GMT
Content-Encoding
gzip
Content-Length
7450
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=66261
Expires
Thu, 16 May 2019 13:02:17 GMT
Date
Wed, 15 May 2019 18:37:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame 359A 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cc5328ecbe06a94f0fb7f3b2798ef8c86d579db63ff1b835637510618bbddd4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
track
w-it.m-t.io/ Frame 359A 		0
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=99582&clickId=12595_99582_15579454761394_7b89423a26&programId=12595&expiry=1713465476&type=postview&indicator=0a1d60cf28d200c46b95ff84d01e1fdc&
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-cloud-trace-context
a72c4f6b17c83a10cb30ef49f3f619f4
server
Google Frontend
date
Wed, 15 May 2019 18:37:56 GMT
content-length
0
content-type
application/javascript;charset=utf-8
clk.min.js
analytics.webgains.io/ Frame 025D 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/clk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=86603400253640500951453010864030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:c200:9:352d:a240:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
564947a45c20467913c6655c817027ff96c4be9016f75486ff639595a39d7ac1

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
5lAq7dc2rqJl3CRZUhKkc3qwyU7sl1D2
content-encoding
gzip
last-modified
Mon, 13 May 2019 09:03:57 GMT
server
AmazonS3
age
34435
date
Wed, 15 May 2019 09:04:10 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
93Ga2Bnlo4T63XFAY-BquAVWLpB1NDxXXOdRw3Ju0umv2DBlVtUAGQ==
via
1.1 852d9d8bb32e82e505d63b5dd4b1e6e1.cloudfront.net (CloudFront)
hit
diapi.webgains.com/2.0/ Frame 025D 		77 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=NOa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKseKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kks3hjC9TkBygjhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflJflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWk8QTPJxVOxOUPm8LKfAaZ4ySy.aPjftckirQjEItAz7Bi7C2U5LRuaDeyjaY2ftckuyPBDjaY1HGOg3ZLQ0I5_v0B5J.3mrN.S9RdPQSzOy_Aw7UTlf_01kKHoNveNNNBRJlmX6QSs6uOMtVTxYMJ5tFFg4K1kl1BNlY6RjLxU..EDn&wgcookie=%7B%22wgifp12595%22%3A%5B%2299582%22%2C%2212595%22%2C%22723175%22%2C%22%22%2C%221557945476%22%2C%22https%253A%252F%252Fwww.gazetaexpress.com%252F%22%2C%22%22%2C%22%22%2C%221713465476%22%2C%2286603400253640500951453010864030%22%5D%7D&wgchecksum=9842bf3ff9a14a9c333a356a9be545e0&userIP=83.97.23.20&doAffectv=1&wgtime=1557945476
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=86603400253640500951453010864030
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.12.250 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-12-250.servers.dedipower.net
Software
Apache /
Resource Hash
008826a13d8b14ce0c449ba7d3d1d33a0fb6f0652a605b51bbdffff01af39ad8

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 May 2019 18:37:57 GMT
Server
Apache
Connection
close
Content-Length
77
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 025D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=82094800226046200951421010864040&wglinkid=723175
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=86603400253640500951453010864030
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:57 GMT
Last-Modified
Wed, 15 May 2019 18:37:57 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2727
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75
8019191.fls.doubleclick.net/ Frame 4840
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75?
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8019191.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkyVifRuy9eqEtQgH6q1w4gwYxQPshsvw3xYZ2OZZ-y7rsOGZs8T9FHI5qE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 15 May 2019 18:37:56 GMT
expires
Wed, 15 May 2019 18:37:56 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 15 May 2019 18:37:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLOl3pWXnuICFT2Agwcd7OgAXg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8732608932358.75?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
request_content.php
hal900030.redintelligence.net/ Frame 90F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/request_content.php?s=86603400253640500951453010864030&a=b6851908
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.40.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.40.243.136.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal900030.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=d5a91eb7f3fa35d6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 15 May 2019 18:37:56 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 15 May 2019 19:37:56 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1347
Connection
close
Content-Type
text/html; charset=utf-8
id.js
mathid.mathtag.com/device/ Frame 025D 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mathid.mathtag.com/device/id.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.135.48 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
/ Express
Resource Hash
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:57 GMT
Content-Encoding
gzip
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
X-MM-Host
cdg-mathid-x2
Connection
keep-alive
Access-Control-Allow-Headers
Content-type, X-Optout
Keep-Alive
timeout=360
Expires
Wed, 15 May 2019 19:37:57 GMT
webPushAnalytics
onesignal.com/ Frame 751F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/webPushAnalytics
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onesignal.com
:scheme
https
:path
/webPushAnalytics
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

status
200
date
Wed, 15 May 2019 18:37:56 GMT
content-type
text/html
set-cookie
__cfduid=dfae60f6a43216d8529b225e98bdc1cd41557945476; expires=Thu, 14-May-20 18:37:56 GMT; path=/; domain=.onesignal.com; HttpOnly
last-modified
Tue, 14 May 2019 22:27:29 GMT
cf-cache-status
HIT
expires
Wed, 15 May 2019 19:37:56 GMT
cache-control
public, max-age=3600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4d7739dd7e36beec-FRA
content-encoding
gzip
dv-measurements264.js
cdn.doubleverify.com/ Frame 3A2D 		251 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements264.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.248.82 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-82.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
88f9b11332a37ebe057eb22822fc12d3a81bbc749368810dfc48445fe6d34468

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2019 08:06:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0931ec2ab4d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59131
usync.html
eus.rubiconproject.com/ Frame B4EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Tue, 07 May 2019 18:54:29 GMT
Content-Encoding
gzip
Content-Length
7447
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=22852
Expires
Thu, 16 May 2019 00:58:49 GMT
Date
Wed, 15 May 2019 18:37:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
track
w-it.m-t.io/ Frame 025D 		0
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=99582&clickId=12595_99582_15579454764009_fe4a131225&programId=12595&expiry=1713465476&type=postview&indicator=0a1d60cf28d200c46b95ff84d01e1fdc&
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-cloud-trace-context
21dc41b0a991565cf59c7b1c3cd9be48
server
Google Frontend
date
Wed, 15 May 2019 18:37:56 GMT
content-length
0
content-type
application/javascript;charset=utf-8
truncated
/ Frame 025D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e65988895bdec8d8c65fe8289c1d7a56f33416d07eec7b2b8bb39fbe4b8d72a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
t2tv7.html
cdn3.doubleverify.com/ Frame F635 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements264.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.248.82 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-82.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.gazetaexpress.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.gazetaexpress.com/

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 15 May 2019 18:37:57 GMT
Content-Length
3877
Connection
keep-alive
visit.js
tps.doubleverify.com/ Frame 3A2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D82K6E26IAC6DD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D82K6E26IAC6DD%5D4%40%3ETar9EEADTbpTauTauHHH%5D82K6E26IAC6DD%5D4%40%3EU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&uid=1557945477008746&jsCallback=dvCallback_1557945477008848&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=264&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&fwc=4&flt=22&fec=1292&fcifrms=24&brh=2&dvp_epl=170&noc=8&ctx=499507&cmp=DV119194&sid=17306&plc=sampletag&adsrv=0&advid=3819603&turl=https%3A//www.gazetaexpress.com/&DVP_IS_SAMPLE=1&DVP_PP_REP=1&DVP_IQM_ID=10&DVP_DV_TT=1&DVP_DV_CT=1&DVP_MM_1=216536&DVP_MM_2=651871&DVP_MM_3=4562355&DVP_MM_4=6622478&DVP_MM_5=ruc&DVP_MM_6=9&DVP_MM_7=12398&DVP_MM_8=59924&DVPX_PP_IMP_ID=5630670867653403009
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements264.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.18 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
9ffb97f58001ec06ca36f42749636647792beac58c689fdf27b9d946c6470679

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:57 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Connection
close
Expires
5/14/2019 6:37:57 PM
/
track.adform.net/serving/unload/ Frame 1023 		35 B
419 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|2223|0|0|0|0|0|0|0||112|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:57 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ck-confirm
tags.mathtag.com/ Frame 359A 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3426348218384851329&node_id=702&exch_id=9&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22VVRD%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.144.3 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:57 GMT
Server
MMBD/3.144.3
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x41, cdg-bidder-x75
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 15 May 2019 18:37:56 GMT
ck-confirm
tags.mathtag.com/ Frame 025D 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=5630670867653403009&node_id=1336&exch_id=9&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22VVRD%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.144.3 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 May 2019 18:37:57 GMT
Server
MMBD/3.144.3
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x47, zrh-bidder-x111
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 15 May 2019 18:37:56 GMT
/
track.adform.net/serving/unload/ Frame 1023 		35 B
419 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|3098|0|0|0|0|0|0|0||156|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:57 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 359A 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5DcVN836fHll1FwiXhwGdPmMs7x1eIa72d_U76BBE7rK4Rc2jDoNWo3Xn4qWK7xhh_7ZldS5vsn9zpmExtiG0q7i7HxWfmuNtlmznXHM&sig=Cg0ArKJSzOeuhKOk80CwEAE&adk=4027716477&tt=-1&bs=1585%2C1200&mtos=1090,1090,1090,1090,1090&tos=1090,0,0,0,0&p=225,1283,825,1443&mkm=1&mcvt=1090&rs=3&ht=0&tfs=3002&tls=4092&mc=1&lte=1&bas=0&bac=0&avms=geo&md=2&rst=1557945473817&rpt=3013&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C10588&ss=1600%2C1200&pt=-1&deb=1-3-3-22-35-44-199-33&tvt=4064&r=v&id=osdim&vs=4&uc=14&upc=10&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190513
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 025D 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL9tMvcV9HT4fZW8xVb9Bn6IfW6Xeu2lBBs9BVOT7DBSqT9tDd9PzfywJndM0LKUBhb3m4Y7h9-6uyNhI3Xwacc7_mqzn5tT0hsj4-WaE&sig=Cg0ArKJSzGN672W-A-g7EAE&adk=1376028450&tt=-1&bs=1585%2C1200&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&p=49,470,139,1198&mkm=1&mcvt=1053&rs=3&ht=0&tfs=3342&tls=4395&mc=1&lte=1&bas=0&bac=0&avms=geo&md=2&rst=1557945473829&rpt=3344&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C10588&ss=1600%2C1200&pt=-1&deb=1-3-3-23-38-44-218-36&tvt=4368&r=v&id=osdim&vs=4&uc=15&upc=11&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190513
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 1023 		35 B
428 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|4096|0|0|0|0|0|0|0||207|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:58 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1023 		35 B
419 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-1585108757961464411@@30003420,4258094457637731539,100|4795|0|0|0|0|0|0|0||242|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:59 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1023 		35 B
428 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|5097|0|0|0|0|0|0|0||257|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:37:59 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
event.png
tps20229.doubleverify.com/ Frame 3A2D 		67 B
470 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=1ac44d28dc4641dd94dc52566151cc55&msrjs=264&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&dvp_esdtms=3164&cbust=1557945480129489
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements264.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.15 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:37:59 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
5/14/2019 6:37:59 PM
event.png
tps20229.doubleverify.com/ Frame 3A2D 		67 B
470 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=1ac44d28dc4641dd94dc52566151cc55&msrcanlm=904&msrcannum=3&ismms=74&isumms=73&isvelg=1&nvr=6&isbxdms=3174&b11=3281&adhgt=90&adwdth=728&engisel=1&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3281&sftb=3281&msrdp=1&naral=640&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=976&isuiabvms=976&ispmxpms=976&engalms=71&dvp_hdnAd=11000&dvp_dpr=1&dvp_esdtms=4163&cbust=1557945481129425
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements264.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.12 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 15 May 2019 18:38:00 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
5/14/2019 6:38:00 PM
/
track.adform.net/serving/unload/ Frame 1023 		35 B
418 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|8001|0|0|0|0|0|0|0||404|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:38:02 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1023 		35 B
418 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|10196|0|0|0|0|0|0|0||515|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:38:05 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1023 		35 B
427 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|11996|0|0|0|0|0|0|0||605|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:38:06 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=802838&t=event&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_gid=1825746949.1557945472&gjid=1261576312&_v=j75&z=1508245162
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_v=j75&z=1508245162
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_v=j75&z=1508245162&slf_rd=1&random=231648198
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_v=j75&z=1508245162&slf_rd=1&random=231648198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:38:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 May 2019 18:38:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1714868668.1557945472&jid=1744303838&_v=j75&z=1508245162&slf_rd=1&random=231648198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 1023 		35 B
427 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&ufc=1&unload=-1585108757961464411@@30003420,4258094457637731539,100|15096|0|0|0|0|0|0|0||762|0|31|5c570a03e32ea0548fc38a4c827fbdf2761f953a_1|||1|0|0|nTGFKyoIQhANDtiXz0DwfmAoUKh23yX9F_wp_lPV-wf8GgTRsYWz-u1eAlS4m9CUcpPC83Bh6wY1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/616/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 May 2019 18:38:09 GMT
server
nginx
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| CloudflareApps string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| isMobile object| googletag object| s object| _atrk_opts object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| documentInitOneSignal function| OneSignal object| teadsscript object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _qevents object| _fbq function| fbq function| atrk boolean| _atrk_fired undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id string| geoCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| pbjs function| initAdserver function| pbjsChunk object| __core-js_shared__ function| JSEncrypt function| quantserve function| __qc object| ezt object| _qoptions object| bootstrap object| jQuery1124005132534560167623 number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| teads function| _ object| wp function| hj object| _hjSettings number| google_unique_id object| google_reactive_ads_global_state string| txt function| postscribe object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| __adform_onload object| Adform function| ADFReload function| ADFCall function| ADFcall object| a

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 25)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api error URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703(Line 1)
Message:
TypeError: Cannot read property 'permission' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.teads.tv
ad.doubleclick.net
ad.zanox.com
adservice.google.com
adservice.google.de
adxbid.me
aj1431.online
ajax.googleapis.com
analytics.webgains.io
banner.congstar.de
banners.webmasterplan.com
beacon-eu-ams3.rubiconproject.com
cdn.doubleverify.com
cdn.onesignal.com
cdn3.doubleverify.com
certify.alexametrics.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
diapi.webgains.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gazetaexpress.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900030.redintelligence.net
mathid.mathtag.com
onesignal.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.mathtag.com
pixel.quantserve.com
rules.quantcount.com
s1.adform.net
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
sync.teads.tv
t.teads.tv
tags.mathtag.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20229.doubleverify.com
track.adform.net
track.webgains.com
vars.hotjar.com
w-it.m-t.io
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.televizioni.tv
104.111.230.142
104.111.242.245
104.125.24.244
104.28.1.182
13.32.223.184
13.32.223.249
136.243.39.93
136.243.40.159
136.243.51.211
136.243.51.216
147.75.33.239
147.75.80.178
147.75.81.98
172.217.18.6
173.194.76.155
185.29.133.33
185.29.133.58
185.29.134.233
185.29.135.48
195.216.249.67
2.18.171.127
2.18.233.201
208.88.224.28
213.19.162.47
213.19.162.51
213.254.244.12
213.254.244.15
213.254.244.18
23.210.248.82
2600:9000:20bb:9600:6:44e3:f8c0:93a1
2600:9000:20bb:c200:9:352d:a240:93a1
2606:4700:30::681b:ac79
2606:4700:31::681f:4b3
2606:4700::6810:cda5
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2013
2a00:1450:4001:81d::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2002
2a00:1450:4001:824::200a
2a00:1450:400c:c08::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
37.157.2.235
37.157.2.248
37.157.5.72
46.18.188.30
46.236.12.250
46.236.13.147
85.10.231.199
85.214.124.106
91.228.74.133
91.228.74.177
008826a13d8b14ce0c449ba7d3d1d33a0fb6f0652a605b51bbdffff01af39ad8
01a136d0ed3db4810ef87c411ec9550c15c637386931fa1375cdf86fbba20fa4
01d422e245d7a930136189de703b3ab6c7803f191ae0ea98721d952e31b8e96a
02757d53179a86b474d0a406b1eaaf1ff53cc755be7d5ba9586adafa8ec3a621
03a4067da94b34c2ce0f636b355e7475d3174f1a82f04c421cbdc87035527be8
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b20815ace6a0f0669b19892ba52f6d02e26a5d9e1009fd673ef002c051540e
04cf60738b97471e0ab4f6e5b45657d41fedf2cebc10f03ec97707af21fd562e
06c5366afdf3ba24bab6ab70930d9d4ef41c920d9858d239a717dec6ed913748
0c63bbb1368c4f8b62a1635a084c5ebd43758c986377f96938657a9e5b781916
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b
0f202d4a8de51b21f4cbf29e00bcd0e50c748a3621cfff71b619880aedca6f13
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1194c1d29ca7cd11f79be59b08fdca876dbed47faf13c6932ec89e338c9c607a
125b1c5f96e7bd6829d8ce638c463f14c0a78f7cadee45d6ea4584b897aaf1e3
12b56c94e53abed5a1af64fc155a8ffa9b168a77b09ce99211fe1e0ee984a239
12e7c4bcdd9aa1150ef73d6226f01e71202552211eb32fb5d364626d75ecd71d
135cb9d660a17b0f8af82f3f54a5ca001f598f5448fb1678348eb628387aac93
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
151e7b48c53970ec4acd3366dfccd8ec779c6ef5e7f3b8f62cf2a694c9b4227f
1597c36ceb02007f2973e75215c4e932893f828366047c7a864e427da868e065
15d8e4f71f20bd314602d33a14144e4c5fcd712425bf11c1251e057ff7176c95
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1614960c7442763823d109eeecdedb8a7b7562ed0d1b6b56acf7000f592d713f
1a6d51a72eff53d8bd13f20cf23903da3ee162352d4ebc21708dce54a9145171
1af75344a3c58703523ea517239fb2e61d94e90e3824a5751a873723103e2905
1b0d9fc9c6e59cf4715db376210743d062f288c25ee3aaf49e363e17d6746548
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d1ed112d33396bea22d3a63cea1733359bc338d26d5b7f6a34eebd52a25ad62
1d36b10fc8b1d9cef43f67c65ca32e79028d3f221d78f2e8bc18c6584b10d9fe
1e4daa57c2d18d94c451ee3e1d96d1ddfc0f15d3b33c49bea91eb54a371c0d05
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
250e54eb6a2782b438fdf2e78137be28e16e18c31bfa7824320b6854c990947f
26b5cde382fb2f8624f610cf7211ff8281e4cec9c5d8074d854883d093aafa5c
28332d4988a5c14eae80b430861c845e4c27560dedbd2ac25d99a73b5f16e375
287270434da6d2a9027c62b67a1ec7a0ccdba9fe1284f899204bd85fac466542
2a80b0a35e87ff5b0dad203e15ca0d6d7879db4001a13d460ec451f155c5ff13
2cbead19ed7c4012caee0a39713c4af1fae03123f5ed0335b1456218d8af64dc
2deb0a535ddbac8644c6696de0236fdc73fb168f572745c4139f5a4c8cde7b98
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342773fa0d89481ec7521bd4994beaa6145a54c1b35a1c4f3033bdec36dcd01a
3562754cfd8e62c8965cd24016fb150a0bcb7ecae9a4ec9e5391af0a4b733de2
3677634b18f03f9fe6db2f33554ebc0c1a2fc426bb8713a2bcb0935c65275f7e
372d9c567e991c67df639258616d2bde96080e3a1c823643c10384295b1f18a9
37eceecac6c6c38ccd29f901bdfba73dddd67ef7e4755a1b7a6c99bb74ea9b56
38b18a3d8a7f8f3d5b227d41b12eb99900ddfa9db9caaaa440a5c31925301c38
38db26e255f6ee8f7397119c04176c448b2735ebb7a53e252eb31914f5a61150
3cd91c5fe69e1442ed258a56d17ea15a19ef4ead50cb4782d3526c3f606142c9
3dd605490efded6afa1551c643fdb396e4118ca4c39c02539da543ba7ed0216e
3e65988895bdec8d8c65fe8289c1d7a56f33416d07eec7b2b8bb39fbe4b8d72a
3e8dadf2162e744a31d12d4935c7986dbc5c519a6829807c7582411c7972dc6d
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41661188c71fce6074437b718b165dcdda71a1b3c13fb37baae5fcbec4cee044
416758d9105513eca95de4a5a3046298803a57fa02533e3f81ca186942f1331e
423d00aa4846af61550ecc11ad4b2e9d50eec715e71390d32eae6718e534df45
42b761f31dcb62b538628d578bfa6188fe253933e0dc1b9fc37bf598982c8c17
42d253d262d6021586fd0b61108b59b28db2e337497e3ab06c4fc0bc81423ef1
430eeed0076e4b943d324406f5402477e3878768474537eec934106d356b7161
432da0ed9cd2e04961f652c72488fc3f2eb637afa80479ccf2ec8f3da86ccb8c
44a9d3f6b779c3ed39fb81c652f9291226a0ba0e1286f56b49f8bd5843cb864a
45a96d79c3d1efb7e227b4a23d40a3184e69296a4aa1563de5b5ec9179a3d6ef
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d3e06e2a2436730cff8ae2a054195654af87079b85e0dec10aad5652658f374
502e784680ea81bacfd9a704f8f60ca837dae880ef617ed60a3dd125daf56bc7
51094ea612e429b325f489538a8fbbb74f7b7ed7b4b2257ff54c031a6ab8ebf7
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096
53af729e9e4b8c8d2aae917515b562dba0d5273acc77c8775d6e05a6cddfcefd
563d4b60ea74bfc6c122c6cde135beaedf430b37b1dc087794c6d9db7a9a6ac2
564947a45c20467913c6655c817027ff96c4be9016f75486ff639595a39d7ac1
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
58d5d69efb99ba86b86e44a4753304d14f0ebcda68e3b9b31faa68d85d2a9811
58dd0575910660a13614e0ff2888eccd47437a76d0beed505213ed7e32b5fe10
5951ce792cc6e9a3a05f3e0df73abdcfc07d5887b348ceb19663915eb09f9006
5b3d807963a35a0e3e357c0099900bee24282cb9cbbd472ae20978614fd2d862
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c
5ddde751d6dced6af80948d5cb2eba1e00c66531b0db1cecb36905ca55e6fb9d
5fd261b6957acfd97efee8ee734e6b1f009e698bd3da81f80bf956e189bbdb98
62ef5b85c81a23b0d1381dbab4ebff5aceb23073736305b99fb2bb81ba7b0844
630d20fbfbc0433e2664f743d78cb919870f0ecf8c923d7a1d1bd95f8e03c311
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50
642fab5efbd89da119271d05bc5a58628d0713b37e604640e35a0856526106f3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6739213c11c4433ffb46bd1b0cdf5a7cd1285686ff3535faaf7a6c5d05a84fff
6787d2584d00f68da3fb551988967c6ea7dcc71f17bbf193316870821aaaf97b
67cb7e1a87dee1dcf04b5d21f84e4c4c3914e43ef010997a8c47369f3479f0ee
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
68ac06bf066af8b878c4ccb260f74a474c1f2b500843c38f18991880cd0fc133
6a3c651aa733f827e23d899416e7d6bf035eb89781e3bcedfe7c63976b092c4c
6b2b9c17d2eb30c7b2a2e233594397f03fd377e953a04e0f0d180ffffb59fcf0
6b6eb16530a15dd24f25579b6f0d518d6b0c492fef5d9cec8e75f9a8ad90238e
6ca2b40a2735a0e2fd0af9a752b8ae8e9142b868cbbaee9738dd68a0cc877755
6d91ba62c7059f39d18c547aefbd911ed1af0d210a0490b41ff61f8d077cd39b
6e6e4b7f41e025f25f4a82bfbc575130a15607ab8fa45746130a7014756c400a
707f5dd8b57475b8c16266cdab1525cb7fbbbb0b94d2ea244a1855099fb6d3a5
71e946e3765c923781e463607025bd190f1a2dd3931c5fc0c1d4354ba353e5f8
72942e03c8c3b3e36341c3074a92a9821613e9b58a1a7b81823376d8e7dd70a7
73758578eff89c10616b21b1da4b0108fe1817b6fda9af10e39cf8a0c0437275
7385bfde4c121c81486ba15fd68e6d02058b8dde2853b57c79d4088d53aed62b
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b
75d8123861eb05f843af822d875f255d2578965d0974366b191ed99c2b09a24a
763a884b8d677c2fd44a7275e5d1b315983087cbc02dade932b7fb363c61ae3d
76831b3bc5df9b9472bd9a13122e6bdef17fee07a21ed9f71f47e5487579b00c
76caefb6105868f41285c84dfdccc569c2b925eead4b0c83c1664e64f36f3c27
77392f8766632c2c7384609a5a5b7f759c4d5dad0e9d60e54fe7da82e5a51394
7a3a4dd85697563d9d16075f64c30415b5c1bcedd5f16aff6f08066a4b6fe484
7b7d0bdbe3b31c3d6127bcd5dc246970fa7d6f8a1ef2584b580e4564308f3d4a
7c8021fecdab345cf01a8d718d430c65e2edfc4810d695b0e86a07c51d938318
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
80e19dd473687cbf3fecf61996ef787c2ebd79e31910cef9bb50581111ff5840
8134010f00b4c653082dc83d7a0f41f1e5be0ee703b223a2ea176a5dc1d3c14f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842039cdf04fd2b6ae66c527c016b42dba6061c40b509d91b4633020737a1613
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
868ec4a1b02346c5125215ea07d903b3f01d7e758d72243bc778cd3788a27075
87acd506437bab2ae269589bc377dbe4a34c42bde1374f0dca1ebad171dd4559
885ab5ccb6b8f0454f3bb87da81e7f73a3c59aa8721a46fe40d50f188cf6b9d4
88f9b11332a37ebe057eb22822fc12d3a81bbc749368810dfc48445fe6d34468
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
8a7c2baafeb68ef9088c9eb3c2d8f0e2bcc8133257bc162e1ab420c3bd670887
8b524ef743f726d914b5e98164aaa48fbffbd8cbbe759ce853d8da60db829cf8
8cc5328ecbe06a94f0fb7f3b2798ef8c86d579db63ff1b835637510618bbddd4
903196df3ae718ef2e940c76e98aa0cbfc77873ce5458f1af7084ca4ed232da6
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9052e0d75c441676edb636553726e6d23c04c580672876077ea61195b023aff5
937f621a3ac6b86e8819462f6c8bf50c01a9d83bee4e08a29bc4ab5aff7fd1f5
939be3594bd1249a7d5dc7029a2bed1100ca160828edd0ec4665d50aea825710
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
96bf1ac743386800f218cee1b48949f32146838af63ae2db83c45ade062861c5
993a4aebbd4266ef8e397489ed20977eeda8ef519ed76c386ad685a72150b814
99a8929cb16121a1000843c6c8c58fcb2f9f3f49afe0f5499612fc960b98cf5b
9aa8d2eeb34c57ae1d7546108cdd8d7846d7162e33509b25341b5bc98452f805
9ad51daa3adb7709558edc3356c3506a7c1ff5a402b0a5c8bcaaf890c9387670
9b6db9fa9496af49f62411e9f34276419859821a07655f975f8e513f0020379e
9e7d00e7525f39c464a0b2a7a83f47f2e35b727f4fc164825fa85f16131241ef
9ffb97f58001ec06ca36f42749636647792beac58c689fdf27b9d946c6470679
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a101ff221d02599248828886fe728ac97ad812849e4da7fc96a8252b2c74f174
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
a2cf514097b88c7970057a11542745326f7b1c0cb8ca07e37924893428205ef1
a508d7307116dd21cc7fc6ce5785cb948e67469ea852df46f147ec12ac227e9e
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a80ed123fc6e616e3595c2172616add173dfb5085f72f4811f10bb45c35c1c1e
a99568e144b99fdd2cdea9ac68b42a4529c374bf66c76a2ce6316d6fcae9f7e6
ad2451cbbae23363bc97b8906239c8878c78fb49ad616cb76583ed360e9a3359
ae1c6eec2061070da3cf8ae92b8aa24ce2a71e7c7611798bf82143b40cad4f04
ae59acab3e6fb169ed5b4289f9c91b63ff4e1443f7e2f572b590003204c79526
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682
b0d5e19195c0e2b60e02c87bf16d2f2694a463ead3f5a11b94d34fb52adcbbf6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36391377210d6e611d00f472a923ae2c0d33252a07870fbf5c0f4b2aa1986be
b537c28f8dd73f5db6530c9ce7904173e33ac49b85422dc3baf331f15f7b3446
b57b3ce8ed2d89b2a77f885a34a1fecfd6a31d9240b530151775e6a1b3e91004
b6d0545dc5ec9f70c4f7922cf706d8830b9df026138c4bfbeb47d01be3938721
b9091df450d7c0a5e7d686ca8a0fea8bd91d4299c7da4d51f28e16191f716582
b90d0cded9720b6d4c487472776555df0db4914ba5bb91fead64cc826bc2d854
ba0efe2bb62db38c87186cea6e5ac18795373c4844b66518b202ca436dbcdba5
bafed08690cb63ae563770e414d8ef556140ccd1e0fe7a4e4f74b5e40283acee
bce452461b0ea7968dae20079b7c3bb031862ab16a516d1dd96d8e5582090d6a
bdfc8660b7bc66e1df0b0d8c7e1b09c83362acfc3d92a0d5bef8179e7878ef61
be0c338c776f52e7ea09968cca28b062f2f4e23048f88e25580dc9902de74eee
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c05e1fa6493c38c6ffb159a4e5063aad98244963fed63e6476f5b691a2f0a132
c1e8df7ea6524a417491238f1c0c45f12b2420fbeddeb4b42c8f498267fc8222
c23d7926f168e931d2257b151c95465d0db4f9e6c867d879f75725a1e0d78529
c2bbcac0cc1dcd9d79e5f286b885da8dfed4ba40967d6533ac5041e127fd4717
c8e74e3a9657c0a6ff7a87f56cd2ae719f830f3b5ea7fe4574c87608961d572a
c9ad26ecc0860de179124f6e21fe1b62317dfa547ea6b8198be43f44f74f457b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8fb7a8194728b9c16058a207355d712d9dc78ed439465322f5357e6acf30fd
caf942e5d729ca1e60a5f052d31219acfaf0225e45a2b5ebbedfb0652e030536
cc5f234ec2b5f42deb25922bbde9907d366af612a5e78286bc71df8291e3db3b
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce314178842e6606a8ff7626000deca961d99324be36eceba70a8df5f8f21c40
d12cf3dd6103c779b34431b447b264f65a4f018b595680860665f8de4d7dc805
d1c1bda985148deec8556f9c43822c22313408ff12153b6888e22b3132ab49ae
d3e33bad1874d1ff15734cfae018d8130ea41cdf8b6de35e9abb069bb8828ef0
d48f40d7f52d88cc2349b67c3b22ff5a6c6d8d2e1c0bfc99744903a54a18d2ac
d4aa84f81af3d2c5825af09fe1669b77826a3fd47db2f1fb0fac9f0735c31292
d860bcd49cc302f2ac6948ce99b714152920b39d660a72c82b75aff600967d03
d8c2e469b3e2f8f23eed0b99557538e8ef7d9d1e636e45b027b9d888e75acf4b
d9cd2e0dd5e3f998d14b12c06c8b1e6c0733948dc246acec8f0d1bb3bee09837
dbe38d5b89ef54e131abf25809591aa3e79e24e251668fa05d132be6d3dffa2d
dc29e15ede9d1548148ebe56a0bbe73f5c565d60a6c5d3d41138e56bb0ae49e0
dcff3e2be255c039c6d45cb55c9769feeae5585a284b19e827ed19d11ddf9b35
de4414ec5e246b67afdeca511e0bbc49e44a03a5e94392652aedd0499d4a078b
df8fc6c4e95dbc4429c71629e3ca2161180cb4fb4d10b7b5af7712def6876bff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407dd2e725c1938a2b93c5f5c2a4a24100f3f3d1c79d70e83f06ee36f5c6cca
e4b9d94b385fe82b60c6c742cf9a765e367aff9f8ccc23858f9f5cb9856d6053
e4cea969acd75c4a1d1fd3950c397486ed14625d27777d70a205a8286cae0f3f
e88eaa616005a414be69a547d80451fca3194a29d89a445f258e54a8ed8ff165
ea976853e907344799ed51bd389bc9c4ac5424229940dae2059609122d1c49e9
eaf0b7fe9aa23ff7af49965647b8f2c50e39419986c6895f02cccd9c6f654318
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06
edfa2b556afe5a0a53153c97f6dca358e0684e9c40b93e1bd775190985cfcd8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7bb7ba9103f1f41794ea664902f24c09fe68569802bcc6834ae1957f33061f
efd28e5e0b45a3c1f41b4401a30cae09440ea3e8b9b71cef626d9d917613d2f2
efe33dcc2df517cdd648947e2d644014e8dc13b42813314b7022c430420f24aa
f128afe52bebb537395a1f6a724c9d93cba380ef73d4d694bc1fa73dd1ad307d
f13e91c5cf50a4d83bc2e1dc037bfb130fe3e7cd98667cc5d9a20a9ad2521490
f2321eb805d91f31833159260a676282beb372fd6aebc22306894a525ed9af7b
f3ac6996f95ab0f28146c51329c1a4698280b543ee16c28d29112f1b16d36633
f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5
f5057f8b1ced4dc7f9cd6dcad22abdf06e0dd16de9a9d6ad47e6f1bb2e0cf9a7
f854688baa8ec43b955897c8c2c89bca7c4ae42fabbd5863f974a5eb5320c083
f924a44a0606899cde6a3bd78d807bafedb18d70de09dc9de78337cb1e112ec4
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
fe697b88c358a583dacadc08d905b7cb23317ff0d567caccfd56e7275100e026