urlscan.io logo urlscan.io
SecurityTrails logo

www.gazetaexpress.com Open in urlscan Pro
172.64.201.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gazetaexpress.com/
Effective URL: https://www.gazetaexpress.com/
Submission: On December 01 via manual from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 10 countries across 69 domains to perform 820 HTTP transactions. The main IP is 172.64.201.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gazetaexpress.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 199 172.64.201.10 13335 (CLOUDFLAR...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 52.239.139.164 8075 (MICROSOFT...)
7 142.250.185.194 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
17 208.88.224.28 40824 (WZCOM-)
7 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.58 16509 (AMAZON-02)
6 2a03:2880:f02... 32934 (FACEBOOK)
69 151.101.1.44 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
57 172.67.71.111 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 143.204.98.17 16509 (AMAZON-02)
1 52.27.66.213 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
16 37.157.6.252 198622 (ADFORM)
4 216.52.2.48 29791 (VOXEL-DOT...)
2 35.156.230.193 16509 (AMAZON-02)
14 178.250.0.165 44788 (ASN-CRITE...)
16 2602:803:c001... 26667 (RUBICONPR...)
2 4 185.184.8.65 204995 (RTB-HOUSE...)
13 185.33.221.50 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f12... 32934 (FACEBOOK)
1 104.111.242.245 16625 (AKAMAI-AS)
2 184.30.25.51 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
12 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
15 104.19.136.78 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:200... 54113 (FASTLY)
3 185.191.167.178 206262 (TELKOS)
4 2a00:1450:400... 15169 (GOOGLE)
24 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 185.67.179.249 29170 (KUJTESA-AS)
4 2a03:90c0:41:... 199524 (GCORE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
10 185.86.137.114 201081 (SMARTADSE...)
12 23.37.38.181 16625 (AKAMAI-AS)
24 34.98.64.218 15169 (GOOGLE)
12 35.156.35.28 16509 (AMAZON-02)
12 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 185.67.179.250 29170 (KUJTESA-AS)
6 2606:4700:303... 13335 (CLOUDFLAR...)
12 54.229.26.45 16509 (AMAZON-02)
1 138.201.63.116 24940 (HETZNER-AS)
1 3 185.29.134.249 30419 (MEDIAMATH...)
1 2.18.233.201 16625 (AKAMAI-AS)
15 18.202.153.141 16509 (AMAZON-02)
3 151.101.193.108 54113 (FASTLY)
4 185.33.221.15 29990 (ASN-APPNEX)
4 51.68.155.202 16276 (OVH)
1 5 138.201.84.252 24940 (HETZNER-AS)
1 2 172.217.18.102 15169 (GOOGLE)
2 145.239.2.103 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
6 3.232.170.59 14618 (AMAZON-AES)
15 2a02:2638::3 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 104.19.135.78 13335 (CLOUDFLAR...)
2 37.252.161.190 29990 (ASN-APPNEX)
1 178.250.0.157 44788 (ASN-CRITE...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 152.228.222.122 16276 (OVH)
1 3.214.40.65 14618 (AMAZON-AES)
1 1 23.37.42.132 16625 (AKAMAI-AS)
6 23.79.143.124 16625 (AKAMAI-AS)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 104.16.221.74 13335 (CLOUDFLAR...)
2 2 35.212.212.222 15169 (GOOGLE)
4 6 3.127.209.187 16509 (AMAZON-02)
1 18.214.172.53 14618 (AMAZON-AES)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.138.120 201081 (SMARTADSE...)
4 69.173.144.138 26667 (RUBICONPR...)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 52.48.46.48 16509 (AMAZON-02)
5 9 3.33.220.150 16509 (AMAZON-02)
12 15 142.250.185.130 15169 (GOOGLE)
1 1 52.57.134.242 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
6 54.36.110.65 16276 (OVH)
1 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 151.101.2.49 54113 (FASTLY)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 144.76.120.254 24940 (HETZNER-AS)
2 104.17.120.107 13335 (CLOUDFLAR...)
18 24 198.47.127.18 62713 (AS-PUBMATIC)
7 7 185.64.190.80 62713 (AS-PUBMATIC)
16 20 13.248.245.213 16509 (AMAZON-02)
4 2a04:4e42::300 54113 (FASTLY)
4 141.226.224.32 200478 (TABOOLA-AS)
3 159.122.14.34 36351 (SOFTLAYER)
2 2620:119:50e7... 14413 (LINKEDIN)
2 2 185.29.132.245 30419 (MEDIAMATH...)
2 5 185.64.189.110 62713 (AS-PUBMATIC)
1 2606:4700:303... ()
820 104
199    172.64.201.10 (United States)

ASN13335 (CLOUDFLARENET, US)
gazetaexpress.com
www.gazetaexpress.com
ads.gazetaexpress.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)
agorahtag.tech
9    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    52.239.139.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
7    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2606:4700:3036::6815:4f16 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
17    208.88.224.28 (United States)

ASN40824 (WZCOM-, US)
aj1431.online
7    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
6    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
69    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
1    2a02:26f0:6c00:1a0::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
57    172.67.71.111 (United States)

ASN13335 (CLOUDFLARENET, US)
video.gjirafa.com
bisko.gjirafa.com
central.gjirafa.com
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
3    143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net
certify.alexametrics.com
1    52.27.66.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-66-213.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
16    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
4    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
14    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
16    2602:803:c001::200:144 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
13    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
2    184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com
t.teads.tv
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
www.gstatic.com
12    2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
15    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
3    185.191.167.178 (Albania)

ASN206262 (TELKOS, AL)
abdyli.gjirafa.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
24    2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.projectagora-adtag-library.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com
2    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    185.67.179.249 (Albania)

ASN29170 (KUJTESA-AS, AL)
naimi.gjirafa.com
4    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
24    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
10    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
12    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
24    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
projectagora-d.openx.net
u.openx.net
12    35.156.35.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
tlx.3lift.com
12    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2606:4700:3032::6815:41fa (United States)

ASN13335 (CLOUDFLARENET, US)
lupon.media
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    185.67.179.250 (Albania)

ASN29170 (KUJTESA-AS, AL)
samiu.gjirafa.com
6    2606:4700:3032::6815:356b (United States)

ASN13335 (CLOUDFLARENET, US)
projectagoralibs.com
12    54.229.26.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
1    138.201.63.116 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal9000.redintelligence.net
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
15    18.202.153.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
s.update.ib.adnxs.com
3    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
4    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
4    51.68.155.202 (France)

ASN16276 (OVH, FR)
PTR: ns3129903.ip-51-68-155.eu
analyticsvideo.gjirafa.com
5    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal900024.redintelligence.net
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
5994599.fls.doubleclick.net
2    145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu
cdn.contentspread.net
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:26f0:7100:2a6::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
6    3.232.170.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-170-59.compute-1.amazonaws.com
track1.aniview.com
15    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
4    152.228.222.122 (France)

ASN16276 (OVH, FR)
PTR: ns3189334.ip-152-228-222.eu
s333.adxpremium.services
1    3.214.40.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-40-65.compute-1.amazonaws.com
go1.aniview.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
6    3.127.209.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    18.214.172.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-172-53.compute-1.amazonaws.com
jadserve.postrelease.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.138.120 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    52.48.46.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-46-48.eu-west-1.compute.amazonaws.com
ad.360yield.com
9    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
15    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    52.57.134.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-134-242.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
4    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    54.36.110.65 (France)

ASN16276 (OVH, FR)
PTR: ns3109444.ip-54-36-110.eu
puma.gjirafa.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2a05:d018:d29:3602:1ae5:2286:b535:86e4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap15.adplayer.pro
serving.viduck.tech
2    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
24    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
20    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
4    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
2    2620:119:50e7:101::9002:e05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2606:4700:3038::6815:ea2b (None, )

ASN- ()
console.brax-cdn.com
Apex Domain
Subdomains		 Transfer
199 gazetaexpress.com
gazetaexpress.com
www.gazetaexpress.com
ads.gazetaexpress.com
20 MB
81 taboola.com
cdn.taboola.com
trc.taboola.com
images.taboola.com
am-trc-events.taboola.com
pips.taboola.com
cds.taboola.com
2 MB
79 gjirafa.com
video.gjirafa.com
bisko.gjirafa.com
central.gjirafa.com
abdyli.gjirafa.com
naimi.gjirafa.com
samiu.gjirafa.com
analyticsvideo.gjirafa.com
puma.gjirafa.com
2 MB
48 pubmatic.com
hbopenbid.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
8 KB
37 adnxs.com
ib.adnxs.com
s.update.ib.adnxs.com
cdn.adnxs.com
ams1-ib.adnxs.com
prebid.adnxs.com
211 KB
32 3lift.com
tlx.3lift.com
eb2.3lift.com
12 KB
32 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
52 KB
26 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
5994599.fls.doubleclick.net
cm.g.doubleclick.net
160 KB
24 openx.net
projectagora-d.openx.net
u.openx.net
2 KB
24 4dex.io
script.4dex.io
272 KB
24 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com
1 MB
20 mgid.com
jsc.mgid.com
cdn.mgid.com
video-native.mgid.com
c.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
174 KB
17 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
9 KB
17 aj1431.online
aj1431.online
28 KB
16 adform.net
adx.adform.net
6 KB
15 criteo.net
static.criteo.net
396 KB
12 adomik.com
projectagora-483829-hdb.adomik.com
1 KB
12 casalemedia.com
htlb.casalemedia.com
4 KB
12 projectagoraservices.com
ads.projectagoraservices.com
17 KB
12 googlesyndication.com
pagead2.googlesyndication.com
d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com
tpc.googlesyndication.com
211 KB
11 smartadserver.com
prg.smartadserver.com
ssbsync.smartadserver.com
4 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
103 KB
9 adsrvr.org
match.adsrvr.org
4 KB
9 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
115 KB
7 google.com
adservice.google.com
www.google.com
2 KB
7 google-analytics.com
www.google-analytics.com
59 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 mathtag.com
tags.mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
6 redintelligence.net
hal9000.redintelligence.net
hal900024.redintelligence.net
8 KB
6 projectagoralibs.com
projectagoralibs.com
10 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
636 KB
6 facebook.com
www.facebook.com
489 B
6 facebook.net
connect.facebook.net
278 KB
5 teads.tv
a.teads.tv
s8t.teads.tv
sync.teads.tv
t.teads.tv
134 KB
4 adxpremium.services
s333.adxpremium.services
1 KB
4 polyfill.io
cdn.polyfill.io
1018 B
4 creativecdn.com
prebid-eu.creativecdn.com
creativecdn.com
1 KB
4 lijit.com
ap.lijit.com
4 KB
3 simpli.fi
um.simpli.fi
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
2 KB
3 google.de
adservice.google.de
www.google.de
1 KB
3 alexametrics.com
certify.alexametrics.com
2 KB
3 windows.net
gjstatic.blob.core.windows.net
23 KB
2 linkedin.com
px.ads.linkedin.com
882 B
2 brealtime.com
biddr.brealtime.com
2 KB
2 viduck.tech
serving.viduck.tech
841 B
2 everesttech.net
sync-tm.everesttech.net
630 B
2 360yield.com
ad.360yield.com
613 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
755 B
2 contentspread.net
cdn.contentspread.net
25 KB
2 2mdn.net
s0.2mdn.net
33 KB
2 emxdgt.com
hb.emxdgt.com
325 B
1 brax-cdn.com
console.brax-cdn.com
376 KB
1 rlcdn.com
id.rlcdn.com
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
321 B
1 zeotap.com
mwzeom.zeotap.com
460 B
1 lentainform.com
cm.lentainform.com
495 B
1 postrelease.com
jadserve.postrelease.com
427 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
889 B
1 googletagservices.com
www.googletagservices.com
37 KB
1 lupon.media
lupon.media
10 KB
1 googleadservices.com
partner.googleadservices.com
442 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 aghtag.tech
aghtag.tech
108 KB
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 adxbid.info
adxbid.info
162 KB
1 agorahtag.tech
agorahtag.tech
2 KB
820 69
Domain Requested by
191 www.gazetaexpress.com 1 redirects www.gazetaexpress.com
39 cdn.taboola.com www.gazetaexpress.com
cdn.taboola.com
32 video.gjirafa.com www.gazetaexpress.com
video.gjirafa.com
24 image8.pubmatic.com 18 redirects cdn.projectagora-adtag-library.com
24 script.4dex.io cdn.projectagora-adtag-library.com
script.4dex.io
24 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
20 eb2.3lift.com 16 redirects
18 images.taboola.com cdn.taboola.com
17 aj1431.online www.gazetaexpress.com
aj1431.online
16 fastlane.rubiconproject.com adxbid.info
cdn.projectagora-adtag-library.com
16 adx.adform.net adxbid.info
cdn.projectagora-adtag-library.com
15 cm.g.doubleclick.net 12 redirects
15 static.criteo.net adxbid.info
static.criteo.net
cdn.projectagora-adtag-library.com
15 s.update.ib.adnxs.com adxbid.info
s.update.ib.adnxs.com
14 central.gjirafa.com video.gjirafa.com
central.gjirafa.com
imasdk.googleapis.com
14 bidder.criteo.com adxbid.info
cdn.projectagora-adtag-library.com
13 ib.adnxs.com adxbid.info
cdn.projectagora-adtag-library.com
12 u.openx.net cdn.projectagora-adtag-library.com
12 trc.taboola.com cdn.taboola.com
12 projectagora-483829-hdb.adomik.com www.gazetaexpress.com
12 hbopenbid.pubmatic.com cdn.projectagora-adtag-library.com
12 tlx.3lift.com cdn.projectagora-adtag-library.com
12 projectagora-d.openx.net cdn.projectagora-adtag-library.com
12 htlb.casalemedia.com cdn.projectagora-adtag-library.com
12 ads.projectagoraservices.com ads.gazetaexpress.com
aj1431.online
11 bisko.gjirafa.com www.gazetaexpress.com
10 prg.smartadserver.com cdn.projectagora-adtag-library.com
9 match.adsrvr.org 5 redirects
9 pagead2.googlesyndication.com www.gazetaexpress.com
pagead2.googlesyndication.com
srcdoc
tpc.googlesyndication.com
www.googletagservices.com
8 cm.mgid.com jsc.mgid.com
7 image2.pubmatic.com 7 redirects
7 www.google-analytics.com www.gazetaexpress.com
www.google-analytics.com
video.gjirafa.com
7 ads.gazetaexpress.com www.gazetaexpress.com
ads.gazetaexpress.com
6 puma.gjirafa.com
6 x.bidswitch.net 4 redirects
6 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
adxbid.info
6 track1.aniview.com player.aniview.com
6 projectagoralibs.com cdn.projectagora-adtag-library.com
6 www.gstatic.com video.gjirafa.com
www.gstatic.com
6 www.facebook.com www.gazetaexpress.com
connect.facebook.net
video.gjirafa.com
6 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
video.gjirafa.com
6 securepubads.g.doubleclick.net www.gazetaexpress.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 simage2.pubmatic.com 2 redirects
5 hal900024.redintelligence.net 1 redirects www.gazetaexpress.com
hal900024.redintelligence.net
5 naimi.gjirafa.com video.gjirafa.com
5 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
imasdk.googleapis.com
4 cds.taboola.com cdn.taboola.com
4 pips.taboola.com cdn.taboola.com
4 token.rubiconproject.com 4 redirects
4 csi.gstatic.com imasdk.googleapis.com
4 pixel.rubiconproject.com
4 s333.adxpremium.services adxbid.info
4 am-trc-events.taboola.com
4 analyticsvideo.gjirafa.com video.gjirafa.com
4 ams1-ib.adnxs.com adxbid.info
www.gazetaexpress.com
cdn.adnxs.com
4 samiu.gjirafa.com video.gjirafa.com
4 video-native.mgid.com cdn.mgid.com
jsc.mgid.com
4 imasdk.googleapis.com video.gjirafa.com
imasdk.googleapis.com
4 cdn.polyfill.io video.gjirafa.com
4 ap.lijit.com adxbid.info
3 um.simpli.fi
3 c.mgid.com jsc.mgid.com
3 cdn.adnxs.com adxbid.info
www.gazetaexpress.com
3 tags.mathtag.com 1 redirects www.gazetaexpress.com
3 abdyli.gjirafa.com video.gjirafa.com
3 certify.alexametrics.com www.gazetaexpress.com
video.gjirafa.com
3 gjstatic.blob.core.windows.net www.gazetaexpress.com
video.gjirafa.com
2 sync.mathtag.com 2 redirects
2 px.ads.linkedin.com
2 biddr.brealtime.com adxbid.info
2 serving.viduck.tech player.aniview.com
2 sync-tm.everesttech.net 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 creativecdn.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 prebid.adnxs.com video.gjirafa.com
2 gum.criteo.com 1 redirects static.criteo.net
2 player.aniview.com cdn.mgid.com
player.aniview.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdn.contentspread.net hal900024.redintelligence.net
2 5994599.fls.doubleclick.net 1 redirects www.gazetaexpress.com
2 s0.2mdn.net imasdk.googleapis.com
2 fonts.googleapis.com video.gjirafa.com
2 jsc.mgid.com aj1431.online
jsc.mgid.com
2 www.google.com www.gazetaexpress.com
tpc.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 t.teads.tv www.gazetaexpress.com
2 prebid-eu.creativecdn.com adxbid.info
2 hb.emxdgt.com adxbid.info
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 console.brax-cdn.com
1 ads.yahoo.com
1 id.rlcdn.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 mwzeom.zeotap.com
1 cm.lentainform.com
1 ssbsync.smartadserver.com 1 redirects
1 jadserve.postrelease.com
1 cm.idealmedia.io
1 s.adtelligent.com cm.mgid.com
1 secure-assets.rubiconproject.com 1 redirects
1 go1.aniview.com player.aniview.com
1 mug.criteo.com
1 s-img.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 pixel.mathtag.com www.gazetaexpress.com
1 hal9000.redintelligence.net www.gazetaexpress.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 lupon.media securepubads.g.doubleclick.net
1 d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.mgid.com jsc.mgid.com
1 www.google.de www.gazetaexpress.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 sync.teads.tv s8t.teads.tv
1 stats.g.doubleclick.net www.google-analytics.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.gazetaexpress.com
1 aghtag.tech agorahtag.tech
1 s8t.teads.tv a.teads.tv
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 adxbid.info www.gazetaexpress.com
1 agorahtag.tech www.gazetaexpress.com
1 a.teads.tv www.gazetaexpress.com
1 gazetaexpress.com 1 redirects
0 sync.adtelligent.com Failed s.adtelligent.com
820 128

This site contains links to these domains. Also see Links.

Domain
tetjera
youtu.be
www.mgid.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
teads.tv
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-09-06 -
2022-09-06		 a year crt.sh
aj1431.online
R3		 2021-11-08 -
2022-02-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3		 2021-05-02 -
2022-05-01		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
paadserver.projectagora.info
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.gjirafa.com
GoGetSSL RSA DV CA		 2020-06-01 -
2022-09-03		 2 years crt.sh
cdn.projectagora-adtag-library.com
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adomik.com
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
redintelligence.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
update.ib.adnxs.com
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
contentspread.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
serving.viduck.tech
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh

This page contains 55 frames:

Primary Page: https://www.gazetaexpress.com/
Frame ID: 8009702B72772171BB380F77CF21856B
Requests: 296 HTTP requests in this frame

Frame: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Frame ID: 26F4B3B5F1297FB24E886020221B5E79
Requests: 55 HTTP requests in this frame

Frame: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Frame ID: D8F96CBB0FE2E30681D2DF69029B3EB7
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 27ACE71D200B34ADAEF27E2DC77E3E98
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: E916AAE45CA737874B6E3320C8124C47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1638370512&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638370512065&bpp=3&bdt=382&idt=432&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7739102639055&frm=20&pv=2&ga_vid=1938265151.1638370512&ga_sid=1638370513&ga_hid=1201867944&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2799477278644123&pem=813&tmod=657395804&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=456
Frame ID: 70A2A8A2C2020BC1EE71E53D6AC5E091
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2913A7E05E017B43A5441A9AC4D9941E
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: ACC0E0BB012616DD26F25741A26BE041
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: 1E153E99CEB0BB180009463CBFAB2C79
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: 1809D4F112FDB7B002A180AC51E23E14
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5043
Frame ID: B02522E72BC4DB4AED5B274B2D0D2395
Requests: 19 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5043
Frame ID: E18780C6F8695D9ED6FA696DDBE1821D
Requests: 19 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: 8F692F69C061A48ECA5F2DCC19BC102D
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: 7C572B68C169762C6B9B1DC4F6DF37F7
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: 39143E9C281D26406337B3E7997B66E8
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: C269DFAD0B0A0C0CAA0B8E921D713131
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4361
Frame ID: 0CB20AE36F8C042AB287C2B4E18F6AE2
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: 53FD2B8A5C1C53D5C4BE344C60A7A6AA
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=6750
Frame ID: 1051C1FB670B10F06030841199ED46FC
Requests: 20 HTTP requests in this frame

Frame: https://central.gjirafa.com/
Frame ID: CDC141B57B8E09031E52A5FE7A24E9BD
Requests: 2 HTTP requests in this frame

Frame: https://central.gjirafa.com/
Frame ID: 2AE4D108A960FFED9E6855477912739F
Requests: 2 HTTP requests in this frame

Frame: https://d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A578BA51FB6884BD374D70C2A0B7135F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 777C8D24EAD69415AA62E971126A3141
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 1E9A554716AE6C0E07E4F1948556955F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D6B183E397387A8A77C39DE871E4E81E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 159D345ED5F0110431878E15C65A585D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts_RagldmiUS7JCSeoqSQXEqs6wEtIOo4KTcaVhuSB1ECRzQYitevZDq62RjMmeuYkz3PFsNukTOObq1X30TIKdIKJbTBaDaEoKZ8f8K_1Sa7NNvDiW5Pg28HS12SPwmAbHrQx02r-5S-QQcLm9ohcTMD5mjgmg2z3xwYEg37tHAhma6qY4nfz2pno-LD9zSp7NRRvmRju9KuB7cW6dwNkwquNb6-6zUTEx4TZbNJ6Qjo_nVFNV0pjwgg2L1BF1LYjQcXjnnZ5GuUj3EKLacaOzO5LKFswCvjZXXW3oYc7VaElRDMO0uPTg6hWWlcU11X3UQ&sig=Cg0ArKJSzOpvIOM55RsWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D4D95589F916B247B52F6DF673D46DCD
Requests: 31 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 94299A1CCB072863791869F2A9300223
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 5EA1F1C507161EC83F824E912EE06F42
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: FE5EA9BED01796BDE0D8DAA0D1822406
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 1FE4DBB10986D1454C41B6F8C472CE0A
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: EA5778EEF5C8594B4418035295E9338A
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 4FDD8E24282C59D15ACE4677EBF3CBC5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 2F42375BB5E94229524BA7E090B138B0
Requests: 21 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657
Frame ID: 3D8BD66C412756CA0DDD25BCDE011C20
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
Frame ID: 298E2F513EDEF2BF5B430F6CBB083D70
Requests: 6 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 0AE626BCD2C4192BFF8AA22DA264FEFD
Requests: 20 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: EB2D7757308057021731E73372FEC3C8
Requests: 22 HTTP requests in this frame

Frame: https://cdn.adnxs.com/p/36/cf/1d/97/36cf1d97ec316ec150290ce4ea90fee8.jpg
Frame ID: 61B351EE5E308DE9E121024FFE9B8059
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 3EC92904CE2B4960A38C30FCA6040806
Requests: 17 HTTP requests in this frame

Frame: https://cdn.adnxs.com/p/36/cf/1d/97/36cf1d97ec316ec150290ce4ea90fee8.jpg
Frame ID: E1E4B9119314D452A7A465396927E93C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5A79C2BCC05A01F8F0B6DE03430D66EE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27DB7AF6E8E617631CE90A06700A99A9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: CD83DCC9BD55EEFC42786D660C0D4BA3
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 987F54F8620A4791F748086665C8CDBE
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: E08E125EE02B27DFB40257DB07302B0A
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1638370515800678893196
Frame ID: 6906B9FF4413DC70B5FA4CEF13CEE614
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 0D0E9CB955A2D9B83A4F00E212FFD198
Requests: 11 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 15877E359BF4A2A5A9252039DA2379CD
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 930BB7AE1488D7BE8AB548FD7ED6A37B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F5DBE6A78477AA5895A37C1097C7B9A
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13396601
Frame ID: 11086655263A47A0053C8DA8622912D8
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 1E549D2F27CE5AA7EDA847A36678D0CF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A4C5AE95E6B06DA2DA2E0AED343A31D4
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13396601
Frame ID: E55E7EAAF5D5C93A2FCE721C8527CB3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gazeta Express - LAJMI I FUNDIT

Page URL History Show full URLs

  1. http://gazetaexpress.com/ HTTP 301
    https://www.gazetaexpress.com/ Page URL

Page Statistics

820
Requests

95 %
HTTPS

35 %
IPv6

69
Domains

128
Subdomains

104
IPs

10
Countries

29649 kB
Transfer

54166 kB
Size

77
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gazetaexpress.com/ HTTP 301
    https://www.gazetaexpress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 199
  • https://www.gazetaexpress.com/wp-content/themes/express6/assets/images/t7live.svg HTTP 301
  • https://www.gazetaexpress.com/
Request Chain 526
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWWpVeE0yRmpaVE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTUxOTMzNzM5NDA0NjM4NTkvNjYyMjQwNS80NTYyMzEyLzEzL1JyVG5rd1otREFJdFlvd3pRQ2V1Z3g2dVF3TlBTemM1eFMwLVhJMWRwZGcvMS8xMy8wLzAvOTU2ODAzLzE1Mzk3OTg2ODMvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MTUxOTMzNzM5NDA0NjM4NTkvenJoLzAvMTMyOS82Ni85OTkvMzIyLzkxLjE5OS4xMTguMC8wLjAwMC8xNjM4MzcwNTEyLzE2MzgzODMxMTIvMTMvMzE1My8/D2ZYxLX0AmVx-h_fEkpIPTEDOgE&nodeid=2633&group=zrh&auctionid=1615193373940463859&shardkey=1615193373940463859&sid=4562312&cid=6622405&bp=a_bfcjdd&nfy_act=LD5wew&bfip=185.29.132.24&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=1615193373940463859&node_id=2633&exch_id=13
Request Chain 537
  • https://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1615193373940463859%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=1993578590983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1615193373940463859%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=1993578590983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 552
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657
Request Chain 649
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=JLA5_HxudE5DNUtxSFFRL2xUaXpvd3dBYUJabnFjb1VxMkFpZnAxenBIU21tcmlkdHYvYkhBeXNNQlh4VFd4YWdoQk5vQXliM0tQV2YyMDVYclVac2IyQ3ZuZFlMQVREMURWTGtld1g2RlNZV3NXa0hlSHI1S3pzY3lsMXZpTnRTQUo0b2JESlZBNlhwWERJQk9oMFl2UFhBYlkxSkJ0SFlUMEVIbHZqbUZHOThtTUJIMjlieWdrT1Q5MUg4cXVtTWNIWmw2TGFUVWhZRmpkaWdpeWxpOU5ZN3RJL29DWUtPWG51UElSN0J2RUV4S0FtMU9LbFJiZDJpbEEwMmlsRUFUOEFtcGNEQW1IRTlUY0hVSkF4RitiV0dUdz09fA&cppv=2
Request Chain 681
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 684
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=e67b3007-4689-4e1d-87a2-ea846b68bbe2
Request Chain 685
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=NxdRaGkZZGsZgEa0CY5n&pi=mgid&tc=1
Request Chain 686
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lb1f_GQtMhT6 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lb1f_GQtMhT6 HTTP 302
  • https://jadserve.postrelease.com/suid/1011?vk=1ad12f31-8e66-4653-b9f7-041710d108db
Request Chain 687
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb1f_GQtMhT6 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4922489347080781784&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 690
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=56bd679e-859b-473b-adad-e7ce7527f7fa
Request Chain 691
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=76ec29de-a143-4b49-bc72-e8760bb365f9&ttl=1640962515
Request Chain 692
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGIxZl9HUXRNaFQ2&muidn=lb1f_GQtMhT6 HTTP 302
  • https://cm.mgid.com/google?muidn=lb1f_GQtMhT6&google_ula={guid},5&google_gid=CAESEKi0vVwgaXrlHsLxbq1AkwE&google_cver=1
Request Chain 693
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=1ad12f31-8e66-4653-b9f7-041710d108db&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_7d1f0c75-2e8f-4644-b9cf-04693fdad864&bsw_param=1ad12f31-8e66-4653-b9f7-041710d108db&expires=10 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=1ad12f31-8e66-4653-b9f7-041710d108db&gdpr=&gdpr_consent=&us_privacy=
Request Chain 715
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOTkkyUUotMUctNlZLMw==
Request Chain 717
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/20kC8yDhmRTl8eFtnqBphMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=705737203631916884
Request Chain 718
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFuw8y4s4JieZUAlosISyFw&google_cver=1
Request Chain 719
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YaeM1AAIyONTSwBG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaeM1AAIyONTSwBG&_test=YaeM1AAIyONTSwBG
Request Chain 720
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWNNI2QJ-1G-6VK3&sigv=1&esig=2~84bf6608560c92d4533c5fd684e82c282ebf06a4
Request Chain 721
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI3MmM3MDhlZGY4N2JjMDM4NzljNmFkYzExMWNhNWU2NWM3NjBhNg
Request Chain 768
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUUwRUNCRjctOUVBQS00MDUzLTg2RDktNTc5NzA4MjJFNUUx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 770
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 771
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUY3RTVGOUMtRDJGMy00NTlBLUJBNTUtQTJFQ0Y1RTUyRURG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 773
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 775
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkY5QkNGODEtMDU5MS00QzYwLThDOTAtODkzOEE3Mzk3ODk5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 776
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 786
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 788
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 789
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 790
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 792
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 793
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 796
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 797
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcyNTM5OTQxMTA2ODU5NjkyNg%3D%3D
Request Chain 802
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
Request Chain 803
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
Request Chain 805
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
Request Chain 806
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
Request Chain 807
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3725399411068596926?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-v2MuPpNE2oRKJxpDVv21KQjsCMxMnS7mnNs0_mETNQ--~A&dongle=0883
Request Chain 808
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
Request Chain 812
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
Request Chain 814
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=

820 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gazetaexpress.com/
Redirect Chain
  • http://gazetaexpress.com/
  • https://www.gazetaexpress.com/
152 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5273c367f5afaafb3307d4721c7561832b2d0a4d92b976ec3f9e8de735d1696a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
x-elasticpress-query
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHlKsQ%2BdSZnyv%2FRgxwvAWdeDbLCMs5N2n9IgyYaM1zXLtDtLmiFjIi8PmXS6KHYIIrdXXFjNkEx%2F0G6Wmlf%2BP8kMmS850XMpxYRuYiIxUfN9zx95Ymirn%2B6tNHXzapXlnGqEpQAVsv0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b6d27b189844401-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 01 Dec 2021 14:55:11 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-redirect-by
WordPress
location
https://www.gazetaexpress.com/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPP4hWaw8j%2BfWAN6OWKvvM%2BCBCqWUPxGrRkw2HlMlB%2BkvC1gCXsMgfL%2FlD8DMCBZ1lJHecL00bPm2%2BUeuZNvwNWV8tqg4OcOfuKq%2B0FnpSiT%2FTlBpF%2Bd4FmU7OLjYnuD%2FSk51A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b6d27b0a9f1702e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
www.gazetaexpress.com/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8601627
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
BZYB41WJ786Z9TZD
x-amz-id-2
lodgKKb0lFI2RxIFwISApKffsMUBeJhsyATP0jIn6WvjfCmKmraNgeFqpdgiGfhxDVeLiFbZstA=
last-modified
Tue, 10 Nov 2020 13:59:35 GMT
server
cloudflare
etag
W/"b61e1b8cbc26b381f84b9fe75d6bd20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cEzf3UowI%2Bpw9SEuXXjKhYeBu%2BpGKSmfmOkWwJOZ%2FHdicatI6FU8eIeb%2BtxwdrLuZBS%2FreXhV9ari1e9Tl1fsUTGd%2F9%2Fry8tS7HT6vv3zQUYNW6iHBY%2F8IfyiCFuTmWcji1yzYxICo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EbY_Qr2u_RqkzHBQ7tezB1tU2A4mETa.
cf-ray
6b6d27b22ad34401-FRA
tag
a.teads.tv/page/76285/ 		789 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c40d0fc965fde82399e88698b43c234fd3cff5d710e830f7dc4f1aa2c2a5d49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
491
expires
Wed, 01 Dec 2021 15:55:11 GMT
gazetaexpress.com.js
agorahtag.tech/c/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://agorahtag.tech/c/gazetaexpress.com.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4962
cf-ray
6b6d27b3790b1f41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1538
x-amz-id-2
oHaC4ZEgaYFEkWa1XeBd1eoea6+8AP9GykWeuJ9oGi46DpNeva/dms43vTBLOpANPrMAjr/SxEs=
last-modified
Sat, 05 Dec 2020 13:38:00 GMT
server
cloudflare
etag
"9a03cc3598f1fbece481220c80dd2575"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYFK9cx%2BAJix61bUuNX0hOLOJ469A36dUNJhH%2B6zVRhYbnwvah4icmpaHbakYMIn36EnGAULXDjeOaDINAS%2BfAMtRnwJc1hKnFDdf3jSWnnoJtEaiEOhZXBXv5WUF5tJJluTCBSg%2FHN8a%2Bw4Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
55VQ4QA8WF2YHF31
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00b947ea6f4d79abbb05e6fe2a90558da314606ba4cf626dd4dc046d743c163c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51195
x-xss-protection
0
server
cafe
etag
17700313159313253539
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 14:55:11 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 01 Dec 2021 14:55:11 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AkdWFmz3+ZBD6nME4CH9VA==
ETag
0x8D8DC207C714D5F
Content-Type
application/javascript
x-ms-request-id
ddd08b3b-201e-0055-4ac3-e63a32000000
x-ms-version
2009-09-19
Content-Length
7361
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
fe917a5ef00f3ba444fe50063ece8266ac0e6d684945f6a7e031617415d5e20b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 341 of 1000 / last-modified: 1638361254"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26843
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Dec 2021 14:55:11 GMT
gazetaexpress.js
adxbid.info/ 		545 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/gazetaexpress.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69125c0bf0b19b4fe3e1673b40ab0c1d87ca795023d5d3d8f8bdeefa690e74d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 15:26:31 GMT
server
cloudflare
age
5256
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIuVr7SxDJ8nnzV1Ngin5iIdsWJT%2F%2FdnsDg4qGKYrYJhIdDG1atRix7%2BYYUiXO6vlVJRkBN4B0rT53fyDbPhKVKc2NeGX9kR4nlMp4piTZRwnafNM3Ge%2BTRvdevmShJELAAEh6BFdXddNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b38db0073e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4451276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqXqJ8PlK98htCFrdTutGOvsHQKVOafFmMnhrg%2FCZ%2BqGiUNu8IZrgpRaLDz17FfSU1NE1U2zGxnHqSC2nMF47w0Y%2Fp54tG4pa2BUOGZWlV4qUal%2BoYV4ihbWiuQLXTJ7lFayusurgUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22ad74401-FRA
expires
Thu, 21 Oct 2021 02:27:15 GMT
related-posts-block-styles.min.css
www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/ 		284 B
516 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.5.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2900188
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 07 Nov 2020 00:47:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdDpvJLhQYzlxlDfLou%2FIpT5nczW0PEYiNKy3ciP%2F4GgawZ61aTxaEUABpFeeSpGeSkrpq7Oa6FT5N3XKwReEoM%2FSXMdPQEzUo%2B96S8fhRwvYFONTFWE4mxO09K7AXirVf7MC5df4%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22ada4401-FRA
expires
Fri, 29 Oct 2021 01:18:44 GMT
blocks.style.build.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2900112
cf-polished
origSize=27723
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhxO3CiJRm0x7JHCE%2FuxdVJEKFH8vKAYFSvL2nNbC76P9lcorPLpx2QxH%2Fs%2BYljJhV6P7XpGTeOD6HRFqPpbzWZNOXI1TvojE8LfduqUwUXH1yUBHOvF%2F58xINE%2Fu41qWnaBhPMIXQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22adc4401-FRA
expires
Fri, 29 Oct 2021 01:20:00 GMT
style.css
www.gazetaexpress.com/wp-content/themes/express6/ 		104 B
411 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/style.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
cf-polished
origSize=112
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 06 Jul 2020 07:49:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSQQUReoo5qFj%2Bo4%2F9sOSl7txWQGT926tNWRtjsV%2BtARV4Aumq7%2FwdRzEQrHwjPbFibRfi7YqnsHUzvfwkCGuyER0scQBnePQyJDq53HGrIvwp5sjFxBF9B3USwcWmxhLWCjaNji0ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22adf4401-FRA
expires
Tue, 03 Aug 2021 10:25:38 GMT
mainStyle.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3053608
cf-polished
origSize=67115
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 03 Mar 2021 17:56:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuEYgJK3Mt%2Bos1cdIkWClKFqeAl%2BJ9sCfVB9vwcJIcN2NZGSeLxTYS7ZDAvtpKM9Rr%2Fct8fSzudb%2Birn67Pk1pzez7f2L%2F0ZIrLr5d71u%2FvA2lhulRadnavPEUIXkJa%2BE%2BIYUSukJRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22ae24401-FRA
expires
Sat, 06 Nov 2021 06:26:16 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/bootstrap.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B3bmO2zECXu%2BlktSQUMQ2OQBKME7cwsGITRObBfYPN5GtHekqF5vCXQtyI0nxsfIAYNVP%2Frd%2FQGLNId76Ma%2BmqB46bfC4OPveV5xXI4qazw8jK5JzkJq87W0N%2FCwkZspfEZkpJIx7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22ae44401-FRA
expires
Tue, 03 Aug 2021 10:25:38 GMT
owl.carousel.css
www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/owl.carousel.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
cf-polished
origSize=4744
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1rd8%2F41%2BkN5HXSKW5onIzhuncrNKs6Uf3jviUnPjoNgho8fMSFJVHeJRMocUvlNtRJGzhnX9bzwaEsDfzUsVWnh7MX6kua0BvmLC3ZYfVZXBvafXM77vmqhv7ERikD0k%2FjR4LwWU6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22ae54401-FRA
expires
Tue, 03 Aug 2021 10:25:38 GMT
wp-featherlight.min.css
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eZpohOszAReM52jBmY1W9scaofamOF0L0cbmV3l8wSzQWdDeKGrVbJUh7SebyDkXiL8iAEONZpsmjwvvTG7jJV7EKci5Ro9lO%2FRNIDiE2gOZ%2FTW0okEVE7xxe6MaFTG7SQerkeeWGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6b6d27b22ae94401-FRA
expires
Tue, 03 Aug 2021 10:24:49 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
cf-polished
origSize=96873
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3m7HnNCQPKa1KHQqJn%2Bdb9IjCxaTm%2BERRAvNGN%2B6AhKCP93xKJoiGYvwTe5GnooAeJfeePnR78myGbMgnah9rlUpejPtqEcxoSGnkqZqJhclom5dySrVx2VnhjumayYT1n44OzyYAWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b22aeb4401-FRA
expires
Tue, 03 Aug 2021 10:25:38 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5owMo2aQ3yumC270sY%2F3UV%2BNmGGoT1046ArZcaA0zIUxchqFk5ZH79rVHLT7exhzc2K%2FjbTOUNd3amGDZHbloi4uEuoEL%2BrC7s8D79fE9gAmev1LVXDUjmhQbjid78C4vQU9pwTdqTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b22aef4401-FRA
expires
Tue, 03 Aug 2021 10:25:38 GMT
invisible.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb393b85bc805c13919d760cd08dabe22aed426795ba8315e086e3bd6a10dbe8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPMF4rTjwgy2xpjEYrTl9hVlIBAvjeNFFkYTGbfzI0LGGE%2B479NiP3392eJuOMZwJiMDxYTd17bBerI%2FE95TUAYOZujJMZOtsy9JgbcYxy1H6jIQeuF7%2FEpkzQB%2BLZmvFzCXaPEcLSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6b6d27b34ba468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
041528fb.js
aj1431.online/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/041528fb.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
c7a370e6aa67841b327a823b57cd1f19d4225c246e8ff4782bb02076e9db068b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"0edd61168246c289b28eb51d65477ba98"
vary
Accept-Encoding
content-type
application/javascript
express_logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/express_logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m9hMt82glGg0YjsUmDowD9o9rMwdsvXFQPoJN1dJtEF7I42ETAkhH%2Fpun9BaJihN9htJiS%2B6lRAmpfi8cEzY5%2BFGkBdn8L4ISkhdCogOKOO5ihGQW37%2Bb12nsvUFnnY0x3Qgodjpt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bb168f5-FRA
expires
Sat, 24 Jul 2021 07:52:38 GMT
world.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/world.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6870664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FT6mzAHpXvkVAwkMsZEQ86SvOZewQ1FfVFFjBE%2F1273SdNiR5mZo1XDVVMyMLg9bCgJzuXhhdSx5717FWtXmHFYtqRxRiNloQfM5yF%2FlZWT6J9FMV0VOjHXD%2FNxsJ6vB1d7SnO3Fuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bb368f5-FRA
expires
Sun, 12 Sep 2021 21:39:45 GMT
noun_live.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/noun_live.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2900112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTcviT%2B2wX95y8WXef3ENEq3W6vNH408mwT%2F4wtN1gM0h7NW0wicmb6hGO0vormlUeSDqq6Ogrd6FQ%2FeTQQhFOM7h2B5uo%2FEUlj7U1gSuEzWgEbyy%2FtabUpwd6Dmuoqi0RDh9UpUXlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bb768f5-FRA
expires
Fri, 29 Oct 2021 01:20:00 GMT
search.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		509 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/search.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k21n5FfwgmvZIwQCq2T%2B4JUfPcu0Gx9%2F2WCaSx1gWMLslXYnqs%2BUN%2FO8tBTMIzUrxmLzhhTDyhoF4%2FmOud7r55F0v7dnZcXEVkC1l3A076xBcF%2F4DbIBMY%2BgFpMyEZlKx%2FF2HLDuq9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bc468f5-FRA
expires
Sat, 24 Jul 2021 07:52:38 GMT
youtubevideo_icon.png
www.gazetaexpress.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/youtubevideo_icon.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 21:40:59 GMT
server
cloudflare
age
10257249
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFOuuZYv3Yt1TfH51B10t9NEqvx1cgeOdNcXNHFp2GQnIsDkDAy%2BdkePjC%2B0GBQ6wxxU1si0gwDkqs4F1YaHEaj782kdu77%2FtolWSKaA2zlYr1h5ZDjHTuPEmi5sPcgpU%2BCZQ1zxgRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bc668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 14 Aug 2021 21:41:02 GMT
thaciii-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/05/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/05/thaciii-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e2b6c772452c201dff7c979bdbcaf400787d3d43916ddd4e922f4419ef9b14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4337
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40436
pragma
public, public
last-modified
Fri, 21 May 2021 14:28:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs2abjAWzhDb92G6jDcD4ze60Ql2Xgu%2FsiQXgxIskdDUj98fIRossexokyvBp2%2FptILlwNSqKV7qYeQPJQq12zsbv7rF8%2FbzA9%2BhonHn6bt0l8%2BHgxrxb5j9Fat8G32MhD1epELlKQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b35bc768f5-FRA
expires
Sat, 11 Dec 2021 13:42:55 GMT
Haki-Rugova-e1623614558166-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Haki-Rugova-e1623614558166-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c202d221f593d44ab7aae4d1d9f0f51b92f80f6a26628248cc1cdacedc9b776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8997
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 12:24:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idf4Eb1vSJeb5EuHDE5ikPShkOz91KSezWjs48I12UnspHFO89qkzwKX0KPU7OyFZWHq0kpjZ%2Fu%2FiZUoY%2Fs3oSIv4F67tVPOPLxXpvJ4%2FAHIOUB721mMqkAesl5UN3vKyih3I7DbeJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bc868f5-FRA
expires
Wed, 01 Dec 2021 12:25:15 GMT
Covid-19-qkuk-koronavirusi-coronavirusi-pacient-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/08/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/08/Covid-19-qkuk-koronavirusi-coronavirusi-pacient-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1eda76ef838814a3aff920cabf1961046b317713e1dcb13d918520650b1573e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3530
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Thu, 19 Aug 2021 13:34:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHffnbafbSZA8mxAu45IhHZclfQ9SaTWbRpYf3s4VNsLmagrmWiVOmQzcZRsFcaDgbF9TyuMIu3KbNRX8Lw7QhP72BqW%2BvnS0nctzuf0fItnFD0fJI01ht6tnGwX%2BvtsFZqFW%2Fk6HFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bc968f5-FRA
expires
Wed, 01 Dec 2021 13:56:22 GMT
parat-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/09/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/09/parat-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873c6477509668bcf101b755809451cba0ded528c24383979fd776cb0f364b79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Sep 2021 15:59:08 GMT
server
cloudflare
age
4835
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDieUW%2BDkGKx3KxIHhc4k90nq2kl9IDDMZiJhADh%2FFejcj3WkD6cKTYExEUE2P3CFwvtYzuyHbtJJGoZSpgIbsfjr2Q2coXKIdAyQxWwBROtIKvybWxobnCxxAZ560dge5FJ5j7dlMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bca68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 13:34:36 GMT
1638346854-collage-750x500-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/1638346854-collage-750x500-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4fc61928774a19f4f1f47a3144857a3e4958bf4ac8a66ee133b8da624dc9b2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1294
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 14:32:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuzKbmTuXyv0RGyEdJ7N1thiw2WBbbWktlC4AyZ11RsAL13Xp1JV5MOJlrx%2FCWjBLw5prSal%2BLvhrm5JR6d0PJTwCspAGGbpabbOgfgcLb8cp9GzoroSlzaFf4p23wAGFb1DfYkvAeI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bcb68f5-FRA
expires
Wed, 01 Dec 2021 14:33:38 GMT
Mynih-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Mynih-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5f283dde96971e070c68e4d547a5b73de58e35314c99aa1c60e47815651958

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 13:23:41 GMT
server
cloudflare
age
5476
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2j9Z9m0OHwocDoHN1etzd2uAQCZYkXrpQRNzsOVpS%2FC1pxcPKB7GPYMj3knBzK2s6CFBzOCnn4HW7FPJkVWVVEbHeMjCvYRxWY0%2BFvXO2RFXXkFmGKYIQFHiwQDiNtouV9sj6XlA4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bcd68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 13:23:55 GMT
zemmour-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/zemmour-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da260e24d5adc1d7fc8f03a7441ba04a52f4067e785f52752fc6387bbd8e0cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:43:01 GMT
server
cloudflare
age
358
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC1dvmcmJHUtzn%2FbTQRfu2Ng4eHzznwYdl2KVl%2BXptHRtUyCj1P9PVI5Yp2YbBXfti7duoCOqvVsOiVVituxZrVDZqMHi7D84wblbfSZPxyBK3%2FaALLH3uPve5ZEl6zEYQYatnXxnzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bce68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 14:49:12 GMT
Screenshot_2-2-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		329 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Screenshot_2-2-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80de277ef9de6445ec9a9f4838c2ad4c33cd0413a2e6910be47472abc910ab9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5639
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 13:20:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oikb%2FKd6PJ2toUbQHU0smZ1F8siv9xx8c401TxfN93DVjojQ3DFn%2FfYtwPkTgLBK62kIhz080PfEg%2BoR%2FjtQoC7GTKfQZgEcnVtSWlTQ5Po7qHPOcbLMGVynxtf1vdyH6homhZ0GB80%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bd068f5-FRA
expires
Wed, 01 Dec 2021 13:21:13 GMT
auto_hashim_thaci-_speciale_AP1635347626.jpg
www.gazetaexpress.com/wp-content/uploads/2021/10/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/10/auto_hashim_thaci-_speciale_AP1635347626.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec082db75e9e007f535c26a73cfdcff9677866d275c5b19027cc27a47779ad4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Oct 2021 15:21:16 GMT
server
cloudflare
age
17264
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJreY0F3oSauFqjeXuQ0tZME3J8JMnb%2Fqka7pF7WO%2BsdRWCizDhi9w4lmxoggSS95B%2FC%2FaVq6OBY7EnUT58hEnA3uHCAbIg5ItEo5FaAOeT5UADaYXEXF3p5iXRvKWiDNLx6Jy9VjHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bd168f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 10:07:27 GMT
albin-kurti-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/10/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/10/albin-kurti-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f45ec11c2a1f1ac0f167cc4e21860b9387fc942797c57609051822ce700f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22372
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 20 Oct 2021 05:04:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dewHjCWDmMw1DDTvwW%2BVSKenxKYE%2BQ4sAIPmLAFb2SU5ZwrYHFlohP6fZZ3TYM4p1sug%2FDkrFWN7CvOBaZ87Ty6GQV355rNvv3%2BrOYNucV5KiKcEO5Ekd7fIlOCJAAYvF63g%2F6QWzgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bd468f5-FRA
expires
Wed, 01 Dec 2021 08:42:20 GMT
bashkimi-evropian-587x391-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/bashkimi-evropian-587x391-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f76ccd59023425468713d428d1bed7bf0d10f8ed49f568950a6d1a385bfd7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29932
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 06:30:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Py16omiY1G4VyEA7zybiKbQG2YmZKNmZ6f5ZvrnGDVIYYKavujPoZR2N1mwkAu3nmzFAUEDYJEMaWBqx3QYgIutN8NIjEvO4ltinj1e%2BN%2Fj7rkcwwZoS9xpxUelBFI%2FzauHEdUokBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bd768f5-FRA
expires
Wed, 01 Dec 2021 06:30:28 GMT
qeveria-naten-mbremje-2-2-768x426-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/09/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/09/qeveria-naten-mbremje-2-2-768x426-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d68d3ea4d58940eda6bbf767bdf34c8576faf6a3e44a405a811f7947cee8e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67914
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 25 Sep 2021 20:55:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQC5y4AiAeQm9hgqD3EHrfwp6ZczsclmnCk81cOltVAdJG%2Fbr%2FpduiFHYCSnlk7OiXqhQe%2BKs2%2FOGf6nm1KiH9XNi7HhHPGpE8QDrxS4SYJVuoqBmqhrVfUdMeWFfJeGLYai3rEVgOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bda68f5-FRA
expires
Tue, 30 Nov 2021 20:03:18 GMT
KURTI-SERIOZ-ALBIN3a456e91531d5e81-1200x630-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/KURTI-SERIOZ-ALBIN3a456e91531d5e81-1200x630-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc12fa2e9e1cbeec66b9584ce7da59762cbf4e0d0364d66cea5dc78ccf89ada

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74384
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 18:15:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2AQ38y6AKtU1IT%2BetEnMUj7YsG%2BcsHxCNV%2BZEvBkWuUTvjnWknzvwqg0B4R3AL2WiyQ5ELrEm7ZLparJX5NbyqeDAqH9hUhXDGHLijBB0e%2FRt60gNIMjlZW%2FTnraseLA73gcwfNNho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bdc68f5-FRA
expires
Tue, 30 Nov 2021 18:15:28 GMT
ministra-e-shendetesise-2-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		485 KB
486 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/ministra-e-shendetesise-2-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd30b47f7d56696f640f2ba70aa485fc5afbbd999b6bf76ac2856053e9f447c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83428
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 15:44:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijCYyZjz062ipDgJrjsueR6UtkY9hTE9keRzJGgIu4pcwwNfQEbEHumN6MgZ94XNkaxEAYlGM9RFvbiFonKjqvCv65%2F%2FP7m2xlqAu40zYlpba6Xn6FOJC6%2Few2fjdzeYJmACEOkmoJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bdd68f5-FRA
expires
Tue, 30 Nov 2021 15:44:44 GMT
manastiri-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/04/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/04/manastiri-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c0d28fc224e5c39162889cb7a07df6b3ada3152bf4aca8793be091f515079

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Apr 2021 21:20:01 GMT
server
cloudflare
age
88821
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWwGpuYjQ30d0Q0BrDGwJahsB6MXJwyvI%2Be5jDOG1MMBDPv7DYFoRUCYjsXXLLTO%2BBseLUdTcBpgJPZlxuh976rviptHFIILfD%2BF3rZhuGKqVHjSvEQgrUV4r%2FcKMIkz3e0qCBKgJ5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bde68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 14:14:50 GMT
186517126_343472127197416_4555732939218559999_n-800x600-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/186517126_343472127197416_4555732939218559999_n-800x600-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6104ac94e847507fb28c977e43666e7c3962ea1fdaa23714f6b410e455f7b58a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90166
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 13:52:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5f5tZQsQG5F9dNBoP3ajxNw8R5LYBdASLOL0BOTbGNEFSyQHCxoDiejLpacbYeXS8D0oXyyKJoycQZQadHydkSP53rwofOMc5x%2BF2%2BA023FMjo0gl9etMoBdA1G8dJCGy%2Fr4vGnCwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bdf68f5-FRA
expires
Tue, 30 Nov 2021 13:52:26 GMT
262547759_4540022589412358_1542053492647323952_n.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		267 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/262547759_4540022589412358_1542053492647323952_n.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eb1bbd3d9fe662e7c762968f345ba936a19bde037e11c8aa11c9a07d17b3eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 11:53:48 GMT
server
cloudflare
age
97278
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FT4pUA%2BXVbIxldffCY5%2BPbNLIu0dmdgWCwI6tUN3etghlTfIXWyb17awrA1UAZZQ2nyAqCXQwS%2FZfBjwSS8yHhoYLKGwCRTekMxrPger3z4cgbKRjkAwNo70H4OBRRHNb9hURekdSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be068f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 11:53:53 GMT
259855454_602248561039380_5261608647423159702_n.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/259855454_602248561039380_5261608647423159702_n.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
763d419329ebf896e36493675fcaaadb2085877a103c034d629d8c42173500b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 10:13:49 GMT
server
cloudflare
age
103273
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3XRAYN8uxbHiJIjA23L83%2BOfIsOfMQh%2B8f0I0QK9ueKbYmJ1HLHW43pLFM%2FEGo5ATh7lxHZe4pfr6sd60ypD4ygbHrRzcK3Z5Diii%2F8V6InJR9giianwr1lMgOFg2HcZkJ9XSpkdPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be168f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 10:13:58 GMT
rrahman-rama.jpg
www.gazetaexpress.com/wp-content/uploads/2019/12/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/12/rrahman-rama.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4533dace9efa40950656f5d709830faab04b540210a81c438e9a5026071ae7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 22:29:02 GMT
server
cloudflare
age
104803
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SE2D3GVnb%2BBY07cvZI9iqAP0bg3PydHQhRLmSBPJdKCYi29%2F78fO4WFvAYv%2FJGm4osVafsv1C2mqnXHRbe3WlILhpObyIYuFyP4PEBF4qajM0l7NzsfLaUUnS7i4uUgZ58CaytKQ9oY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be268f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 09:48:28 GMT
OBSH-2.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/OBSH-2.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7525f4e6a80583ba9b91b9af2384c0e1374220e4902598f9430419139ad7d15c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 06:59:02 GMT
server
cloudflare
age
114964
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQJMQOBcg83L2D6AwNQzFKlvNaQj8WjzVvf%2B51kxwoCZlYIsVHr%2B%2BXlyM1bA7ArI%2BlvpgQjmKxo93lQrctE2kxF3CNv55rWQWwLAwXiC1RwSVBCKP4iWTScAKoU1uvR5t5If%2FQAcMvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 06:59:07 GMT
Autobusi-Decan-1.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Autobusi-Decan-1.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03df78939f58f0f370c0e875a462257ab915a431c2909b4643f63cde3f686a55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 06:31:34 GMT
server
cloudflare
age
110680
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPSX1PIz8vKOX5AWukCQv%2B9PdlNN0K6yQB6At8or7gxbxS87tHVQa0lRxgdPSUpkONeVhU4PRI4T7deAD6uUbzn4JuZSFwF6%2BQ%2F%2F76B7RlBMTps2K4F5U1pYFMcAPb1rV3jOYb6js%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 06:31:38 GMT
Screenshot_9-14.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Screenshot_9-14.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0280ec51f7326523c88195bc383aef341b49b6666ba8cd8ff5d259bd491009ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 22:22:17 GMT
server
cloudflare
age
145946
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GAUX%2Fg8a01l6I5IUJBDUICfVH%2FwPvdWQOTjfCEkKAzTP%2FqxBdi3Ot%2Fgd5E7bvQ90vVb7w%2BoVTZmiZNHQbGLSYNIGoskPP4RZo%2F9XHV6o%2B2XfHz7H8SKKjLcB8dvzHCALaDNG16XMH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 22:22:45 GMT
donikagrvalla.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/donikagrvalla.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c2372b7f4150d881a9b2ad1cd5b353216eb2a251d065fd01804cb23008fa39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 22:12:14 GMT
server
cloudflare
age
145905
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nscwcyz%2FAlCb7eGQftWXtCcOrccKwfVacjdG3VgxKPJO3lFHflJqWWwDcnud79dC%2F5vmSRPZFsd1BiDlTi3qZY8dIbwReLgTnvY5y5F6Z%2FVUUMEWg3qDLm097h6Sm2KvpvDR6gvrwyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be868f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 22:12:43 GMT
pk.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		526 KB
527 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pk.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c274683a4b782b0d85f0a5d6d1e64267cc63730f88fc3c8d358e5d4e7e107c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 19:23:19 GMT
server
cloudflare
age
156709
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhcXRn7KvVv4K8JpJWViyqGwnnC8HIwf0LZVciCFa4UfroU7oUELXCIncrDi53qzsJ9VLTduzbmIWlXK9h%2Funch40BedF5vMNTTdXvRfqTMzWxux7apT5E9beZw3c6P1ikmXdphb3NA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35be968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 19:23:22 GMT
Ilir_Dugolli-Fe.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Ilir_Dugolli-Fe.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d90b4ded123f920d0b333b4370184308689c88ce35b107ed49b22a5e197967e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 16:41:55 GMT
server
cloudflare
age
166392
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hohAk3FoVFinMYstrr%2BNOiCBf%2FIP2wLO7xukwwie0edgzfFaYl3TB%2BomDCLjmZJxiymz3x32ctVr5Slzu%2BwotuXYUnxgHx0tf5hlLZUq52i30aAgkrDpc7%2FtowbcTrQStv6h%2B1J5kY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bec68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 16:41:59 GMT
pacient-spitali-qkuk-koronavirusi-covid-19.jpg
www.gazetaexpress.com/wp-content/uploads/2021/08/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/08/pacient-spitali-qkuk-koronavirusi-covid-19.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e559614916989e92758c3648af0a9db31700d689020499ba90314de28e9b80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482259
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Thu, 19 Aug 2021 13:36:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhgikzkiqaV%2Bx0WI%2FqbrQBAmuB1P1RyftF%2BLxjpkFbyoD%2F2RpprYO9v60mUpHeXuiL%2FEiY4%2FlW19gCUVROhxwAyj%2BYgu3y9dlcvdlN6UAt%2BeFfHm1vJoXggRg2K1hD89vdCC4g7JemE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bed68f5-FRA
expires
Sun, 14 Nov 2021 11:10:53 GMT
Pahor-Osmaani.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Pahor-Osmaani.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72da216881d58eb4ad04299d6ead3c758365b7c629c3839211b1845e945cd524

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 10:47:07 GMT
server
cloudflare
age
187680
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ6L7U3n%2FOCmIic25fN17YlarF2VjQzHvHR641%2BvF2Nc%2FeRDUQGAtqmyCCRxQQNmatAP1OXEk7%2FbNdmmnhppaH8opoH0LIrxR3Cj2WBbbEbgqcrk%2Bev6vk35O0AY04tqwVAvVWNWxhI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bef68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 10:47:11 GMT
t7.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/t7.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b62fd213e58516fb04c3778da4118f4169987bb4ae8caee7b98a46524d0914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTJmuqBxzrWGwKl5VLtQv2tFdzMNUEsOViO%2BpeKmekepHNJg0KQzf28s2lBBqaO9nDA5VMHcYplFIhz15h49kHP10IsEBk905g6PGu4d9Hfi8apRA4QtezmdUsY%2BxdlyLJLWXvQH08Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bf068f5-FRA
expires
Sat, 24 Jul 2021 07:57:00 GMT
Screenshot_3-51-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/Screenshot_3-51-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d207a477226b283dc07dc414dba49f80224469ca61b349983c270cc59c47430

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 22 Apr 2019 07:45:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrXAnmD4lkbSAzldGqzYbvVp5HWvW8NJAACrcJWRDICWvWrcDwXhjO672xTZNtffSFUBXY8EgK4hN5MTnWJiWSOzFMsj8s0C%2Fe0dGF6%2F0zZITA4FBPyn7ploe9eAdt1VMCMxy8%2BfiYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bf368f5-FRA
expires
Sat, 24 Jul 2021 10:25:41 GMT
159171629_2782808701970111_3594014376786044302_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/03/159171629_2782808701970111_3594014376786044302_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e62757bdb4eedf4aebeef645f4ac7f20d31d0169cfc22a69783a9835aa05e6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Mar 2021 23:19:57 GMT
server
cloudflare
age
6106138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSBA4H3GU4jdac3SUsDg5ZgtYJpDfnZ2tYtujJI%2BTIZ7N74dflx86qR7yXHqgZWbAez0d9dkxvpYstZtwqTCWtbFIz%2BzMu1H93SLNr%2FYh7Lju%2F4dEg6mqLRpFhbobQp0FKG7m%2Bh%2FucY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bf468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 01 Oct 2021 22:46:13 GMT
122-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/02/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/02/122-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42982a95acaacb955f1de2cdb519e10adfe82f8b4b99c987f4a7f70eb2f2e7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Feb 2021 00:50:05 GMT
server
cloudflare
age
11247857
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtL%2F8VHuZbKQ1G4%2BAJxRN6Ybv3OxeMAXt9lQusmQWtJYKFRQZSk6MM0s0Wt5rAmB9oVma31AV7PmGSpa6drbWM%2BlHenHNdMEl3JeH97GrgdalrTU3quASGYh5KE9sUfrrTvFxsGDtj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bf568f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 03 Aug 2021 10:30:54 GMT
asyncjs.php
ads.gazetaexpress.com/www/delivery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8590ee2871189fe2bdb44d32ceb04e73194eac8d2785113c8a87c79bcec64f3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37e584401-FRA
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbdPq%2Bhr8Eqlc1eQqzmmeBX58WHk7sBe6IH1cDJ4TpqQUN7yPJbVMfwdLcB%2BZFY%2BYGBJwrP5kytFuEx%2F3P7dosfSY10%2F3NWevAy6%2FbJjWNkjTelZSynAzxs3qzjZhod%2FaJ5oMIDKouY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=3600
expire
Wed, 01 Dec 2021 15:55:11 GMT
Gjermania-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		310 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Gjermania-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d542667ec582f16e0ac784f9e110f362829547d0c9979dbeeb55a7c823908ad9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:25:06 GMT
server
cloudflare
age
1785
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br80KVEojoR%2BIuzPHseQoZCcofvkxbV6465toU4zM%2FuXTVtoqAsGneGPihvMI%2BT087MKaQOdAcr4SiYBDzN1aakC1RSVWP136xkhU9KrGlAPskXQMkK9lPCC0hXK6WgSPnBV21gvqm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bf868f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 14:25:26 GMT
divorcet-685x383-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/07/divorcet-685x383-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b036e6fa73e5aa28dec001ea351c2093e315a85b992ac48fea5bcd35a353f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2848
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Fri, 10 Jul 2020 14:19:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWtRKSgoPOGGAk7uJqCFGOdrGlj2FYd2t651XS3SJ2hkoWXX2wj6pTSRjWItOLXsG2So5B2J5oMVeq3bW96UlsXsvTa1d3rcrTmwqwXwUZQxcysHLwWDKs7w8O%2BJllo0qqOu2gG45Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bf968f5-FRA
expires
Wed, 01 Dec 2021 14:07:44 GMT
Foto-nga-takmi-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		313 KB
313 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Foto-nga-takmi-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec731d0241085a66f9813967efbeb6760f7b5033671340f1320a336958418bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 14:44:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFSPchUHJ8QSi3gd%2FunFNEoC0vENl3Th%2BMhAVeuDZhgBhOCQVj1JJ9KTeFKwyO5FyQmjLplK1szy6L5MIBIq3XQA%2BME%2Fh4ofMorN1BnRqmTgaJuKaD2JkS%2FRePI8mIdD22%2B0pw9ltqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b35bfd68f5-FRA
expires
Wed, 01 Dec 2021 14:45:26 GMT
262800197_3227034510754274_5136691835548567889_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/262800197_3227034510754274_5136691835548567889_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cae3b00a62681ec0a17d588b584c2e14de385a654554dca588b08e284ba0c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:31:46 GMT
server
cloudflare
age
1396
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvJdbiEcs%2FqONIP2Dvx2l7HiafhsbApLah5fq4tC4Ydj37oYoRBO0uXwxsSKm%2B7%2FtP%2BrHxua24s1FHoK1WzhRXRI%2FsJBVgGTUsnqv2Zp%2F9J2uNBtRJdgUSLHTMDcVDSjqjBrTlW%2FpYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35bfe68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 14:31:54 GMT
covid-2-780x439-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/covid-2-780x439-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f18f0a7c70dcc77aafe92c6f43040a7c20a2910715a3c2f7f4781d11f1400c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187431
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 29 Nov 2021 10:50:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAKWjWE3ZxrkxELyamd4tgEr%2FQJPO90O4njX1nFaLkB7L770eOL7SRosZcqq%2Bep4AH74E4QudABKxSo4qD6gIGXzzfJDKeqf8mhTJZUWD9WKQeDhi7PGUc3EJ%2B2eDhnyRMQXdylQWdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c0168f5-FRA
expires
Mon, 29 Nov 2021 10:51:20 GMT
262428393_225336336394685_7883043448089478298_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/262428393_225336336394685_7883043448089478298_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73916a5e5a6f7d4f62577c3eae0ec207a7e9cfedec43733cf2b10651c08454d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:19:23 GMT
server
cloudflare
age
2122
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay5ACInbP2eUr5a4pWP58u%2BZcs6D%2BclfzXMWsOHtICM%2FJE9DNsJEP2AqwvckjGLtU73htXPI5uZ6QpR3%2BFHy8FRG9jKjUYoxUJ3cxbUX130CLYLgqgplv65LNtOrw0%2FBZhLjSeuXZfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c0368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 14:19:49 GMT
VAKSINATTTTT-600x360-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/09/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/09/VAKSINATTTTT-600x360-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c99ea7d90b849bd0b07f4df47b67832c6a817c0eabd144f65fec71ba270594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 05:17:58 GMT
server
cloudflare
age
2713
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ix6tvCYWXKTlGq6Gg8vfB9%2BMLwQ3UistAa%2B4D%2BwkySmXgxu70OTTNqKMB%2BD5piApmt4faZlexb7Ce9JwW6TCwKvAV9EbSMU%2F%2F%2F1LKg0sZcM6qiihl%2BoiwfCfjX82A%2BxeK2MEq4bVDk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c0468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 14:09:58 GMT
imer-muhskolaj-oped-express-914x600-1-184x121.jpg
www.gazetaexpress.com/wp-content/uploads/2021/04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/04/imer-muhskolaj-oped-express-914x600-1-184x121.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa65516bd8728ea09002c21244cfc8967b205ecbb45867f528f6c2715f4d50a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
159360
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Fri, 09 Apr 2021 20:05:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJIbJH%2BsVZPQFAZeMXff0Z4%2BGT07ubySc7LTnVZDiuCClPW4HLbcFcbEonWSNoax1DhYOPhqyBnMCtgsMqfORFCSlirkk2OGLialMXkRYnv40lFFBAwGbAZgSuEr43YSg53SNuOpSOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c0868f5-FRA
expires
Mon, 29 Nov 2021 18:39:12 GMT
refugjatet-184x104.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/refugjatet-184x104.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6aa2617adf5e75717a58f90f37dc27b7fdface626c4cec49a759b790a3eadd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 10:38:18 GMT
server
cloudflare
age
188158
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmzrgBDRIsdFUz9wAcngahnrEvJMw7F8Y2tXJ4qATmOi3YIkGBiEWgJD8GIZfI0uYGizqRdWug%2FynFKc18Hb2mOq3jTievOs8IulyrqM4Bpxa%2BlMt7wU3GhkDVTgYhE7ILkLPgPp8ZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c0968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 10:39:05 GMT
1633327882-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/1633327882-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ed0765755b1b61d337e949d09b0e5b4ddd9f2b17c21af589d4c995ce1d9cfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:20:54 GMT
server
cloudflare
age
2018
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EydhBqpcLgBr7wLYjgy%2BDK6ngQGeZr8NbvUG1PGvmJIbZkEp5f4QTJ6nPn1ZajhVOI7jt7WFlRWdGy342Gt5xQB1BDfnGKEPhV4I7hCLmp8pAIQYz3rfkcXyq3uplUm99ckseT2SZgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c0b68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 14:21:33 GMT
kupa1-600x360-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/kupa1-600x360-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8599c83fb90bcf3d1c3a01c36e5c3b417bafdfcdbcc754cf831264d0420a047

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4147
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 13:46:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMUT8mj8pVzkqORzFQ42Zj5adIbTbYr2kQGw%2BspY80tuYSE5oDtWl85vGlz67DeRvMpLa5FXIBHCgGd7luqYGm228ixf5ydur6fPR2HpwG7B5WKm5H4HA8ZujDd3pUilZJTF3svlU5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c0f68f5-FRA
expires
Wed, 01 Dec 2021 13:46:05 GMT
Lukakuu-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/01/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/01/Lukakuu-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc09af9f2e92bb5b4630c30273c8c78f5744d09d64895e2b0b1f5a039f68bf80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Jan 2021 20:49:27 GMT
server
cloudflare
age
4650
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGXWTtI40bx%2FDjyZcb4wMsPCar9WBDGDrmApDg9LQpawhoKWizExDWFhHWewcM7i8wv4N5TQCHkk%2FQu6Y07Kkdxymyk9bcO0qgWq1Ix8nCVLKG5LeQ0rpo%2BgYjL6Khy52RCYZ1OBaV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c1068f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 13:37:41 GMT
De-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/De-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
156ae320cf3e34a0e09aeb76254b4c2fbd03e954e549c711729f88a514a584ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5318
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24826
pragma
public, public
last-modified
Wed, 01 Dec 2021 11:30:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b6V3NfB81aKsfyPqwNwtxgrXngqYqmlaAeUGx33r7T7sq%2FB2m8ydiX02v8jnhjzinYE0kFUMSp09W2DZd6y7TJcq3OIxf5cSmujnCl4Clnqpo0chJ0aNdxMmw9hmaqfbT5i42ZFlWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b35c1268f5-FRA
expires
Sat, 11 Dec 2021 13:26:33 GMT
Ferr-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Ferr-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93aaa56772a9c3c0b4b9cc5613f13f3a041167bbd60c68975f89a32862f12028

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 11:27:54 GMT
server
cloudflare
age
6638
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52hgQJhVs1WLfqqzwjIoRO59swSTRBzExnt0mXivQtSrexDspgW1FjYWYwCLbtRiWsRMYjLOagRV6C5PhBEQBuRP567XVOr0R7gUZo%2B%2BFVIccPXiJSKaVCFmEobp0KEDoa%2FzTRMyltg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c1468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 13:04:33 GMT
Laaa-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Laaa-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3083ecc9075acb142c47828d3771ea5bded150a7b0047b6e8bc31d010ff3f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 11:26:01 GMT
server
cloudflare
age
7001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Qfo3qUKhto3V7BvmMGmrec%2FRngHlInsBUJ2etjJtjpxOHkxODUr9sGMSVv88WQqEwZh4N6xmV8tD0uN%2BRzXC0lcGYbfXq%2BJlAGmHlieLfHmcpaG4%2BcDqAr94xh%2Ba%2BTPzoUvRt6L3Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c1668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 12:58:30 GMT
Jor-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Jor-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5ce9e97250538878e6efec547add71c26cb9d4a986bcf62983aa3e5d139a79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 11:23:37 GMT
server
cloudflare
age
9305
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uae5l0P%2FzHN8BlOoNtOSKSmS3mHD%2FCCPs5U7KpSmCZ0gJGL67zDJNoLPKT5zrZJJkGHZ8RvedwyaeYI%2FgGQdAF2kIP21q9zAL9ri0oQ9w0vN5%2FPNYUAWp%2FQ7WGUfr3dxj27%2BoP7T7oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c1968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 12:20:06 GMT
Ziye-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Ziye-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da71792dc84d6ccba8917fd225b275ea7d4feb5e4e35bea24fb6d8eecec31ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 11:19:57 GMT
server
cloudflare
age
9329
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRdIrgRhPhE1Fwp9Ls%2BhoXyEsZKSe7u0YP%2Bcx8MPnefbXTc21EfNc%2F7D84IWRoieV9PHTuZzhF2iRqDX7awqranr9ISrB5St%2BWS%2FHqOmiz31btSroCFGM%2BQf0Mis0E7DUbZshb1l4Z8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c1c68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 12:19:42 GMT
skysports-los-angeles-lakers_5600943-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/skysports-los-angeles-lakers_5600943-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e7efc4fa087f20d61377793d0b2daa369514f844ac153880e17bbd82edfdda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11094
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 11:20:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJu9a1TEuYJhLBCwwYk%2BicuIG3iBMbMgDBKd3nYfJtPFreqMx9JYhsL8%2BWUvnrPsB%2FSyXMdvVbAzdQFfj4sjobjTnSJLB7j%2B8j6apsYRsjxrL6mgTdhEHI%2FiRVIJnHuV36p0kIL248Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c1e68f5-FRA
expires
Wed, 01 Dec 2021 11:50:18 GMT
Fero123-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/09/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/09/Fero123-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17468fdfe8f36f4aaaefa2f1b78a2679135f77f1bd36b188f100f6c6f84c160d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 10:45:27 GMT
server
cloudflare
age
421601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO5dhSaK47Onv0X%2FPD2wX8kVw%2Bj79ajGFtXZbRvtKVLL%2F85m%2BYncXEyC2Sx3riTgB1NnqCyE%2BlCxm%2BcQjv5AnpWJOaJXm%2B1nq9wERacXKpkczpYteZ3tjvxxiwNa3aJ52TV8EOGZ5T4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c1f68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 06 Dec 2021 17:48:30 GMT
262058460_225755876346758_7371287790316482661_n-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/262058460_225755876346758_7371287790316482661_n-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfd1fc76fd5ca2fce738024f7a7a9a6564f7441e86c92b3200caaf55b17597a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
237762
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sun, 28 Nov 2021 20:51:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdtJCsgogd5ldSiVOFggDIKTSNwKpHMR8%2BWzUw722387vTVTqO3C7M2piXpUm%2BuiCweruUvDR30p0BPoUQvlVCp4gmsPYonOfOIEc3%2BxLsuFKeM8GWoLrvA0Kj8EuSFSNp9e6z7yk9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c2268f5-FRA
expires
Sun, 28 Nov 2021 20:52:29 GMT
261157848_1891828170997090_5629801641262757050_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/261157848_1891828170997090_5629801641262757050_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b35c8eabbe8241b7451f62cdf4eee1111a0a60e596c711d5f87e832e9cc502

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Nov 2021 20:15:34 GMT
server
cloudflare
age
239965
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPmmt5HRTzGmsGmQZvtTpVqBjEjrZlne27zF%2FRWHwjnZe8PdvZ%2FYMwQGOpxXJOLo35xowEO0M1PmsKKb1cIVWcsqfWSkvpPpLYuCZi68zI8uugaKijofP%2F9oJW814E7e0ZJUX3fJdFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c2368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 08 Dec 2021 20:15:46 GMT
Capture-11-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Capture-11-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530745849172220375d8adfbe425215eab7ae5a761ca5fdd71c444876e8ac33a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
268566
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sun, 28 Nov 2021 12:12:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0G6iO3yfD80k886KtrKupIJJpJx6qsR4N5OjbqEzAcA1g7cER0PsClJdhFxav31h9rimVgkvnceEb9yL5docDv8RV7vN4CNt1HbbnFUz0c9OQD8FrgAVMZ5NxOjZ08t4Vt%2BLFb8yrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c2568f5-FRA
expires
Sun, 28 Nov 2021 12:19:06 GMT
basketboll-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		385 KB
386 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/basketboll-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86817d66cc5e997f07901acc2baa1b6fcd43a4872c5609ca9e6d5318114ca8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Nov 2021 06:55:47 GMT
server
cloudflare
age
286161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K35%2FlMkRiCQv2fNGro4U87gkXSU5B7Ks71s%2FnM3bFgG8wO%2FCmW9VCd%2BP9VpDesy42X%2BcCAglN0U5KkP8tHNP2tFe%2BiI8I4ETwIEDQvt1AaJRVxA2y2hYkPEmrKzEOrh8I7RWQZYxnJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c2768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 08 Dec 2021 07:25:48 GMT
nba-2-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/nba-2-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8883d36800520f2c54db3d89960f7813af714cf8407c84eacb89db80ebcf32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359862
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 27 Nov 2021 10:57:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWNUtWVJiCoNLRtKwNI1mjm6%2BhEaHNxGD6HpzfPpb%2FMYEO2pK7l8ja9lUH6AWZrlkln5b7n5Zx8kHPdUt%2B3G9J5xaiqvEMsFtTDuiC4v%2FvINH1%2BRvuLVYrQkf3bdAytbDx1qDPkSlf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c2b68f5-FRA
expires
Sat, 27 Nov 2021 10:57:30 GMT
KSSS-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/KSSS-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca71558305011fff0e0d64c35f5b320f5e593b510cc6f0d0a89346a6748e51d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 13:03:00 GMT
server
cloudflare
age
438693
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YDuhKsuXZzaHMx%2B%2BNGC1vdUHIOeX%2F8BEEyE3UtdNX%2FxjjoNqojmCtvd76mDCvG%2Fg00Hn6k760Bmo7NKiAg%2BNvgYaxwZDVNLwZEcx5dFPY1EOXj3ET%2BFkvqhCA3MunR17Az7VACBHpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c2d68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 06 Dec 2021 13:03:36 GMT
ham-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/ham-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175fe1ed7950f09550f1fc830ba18423cb6b54b79150a7fc51dff46338f7580b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 20:41:14 GMT
server
cloudflare
age
60872
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wts4NG1Jz0WlMCW1eMQ6mIA3%2FCsbrxBPQXwTtgjaOLEu%2B%2FANPMlcYEHtgmMHKMFw%2BU5q8Ut2Poe1IceJcUYPxsIfzpKpSdR6jq%2BoCkzUkX15zFBOXGUaXNETNOxOJnAL9TezfRE9Exg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c2e68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 22:00:39 GMT
260839753_285494606920128_8041428832381929789_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/260839753_285494606920128_8041428832381929789_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decb1113243b22484bafe4108845a011aa451da97c656ddd601af8b6339667f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 16:52:15 GMT
server
cloudflare
age
79367
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGrkdQ0dAhe7W5l6yVHTUTFRMKUAcK%2FfLTxLnsyxfgLXsMkLZbWgDfZHlQlzcEZ9pkrlrd1vCyH%2B%2FCack2V21ZsRG07w%2FHkmpP%2FgcbGJ1Xhu0jkHRWoIFJ9G72QddohluFpKEaMAZnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c2f68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 16:52:23 GMT
Djokovic-was-forced-to-retire-in-sad-scenes-960x640-1-1-800x533-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/06/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/06/Djokovic-was-forced-to-retire-in-sad-scenes-960x640-1-1-800x533-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f4e9de87d3ff28d9d31e29c9a48f9645a17bd7106d40707e532f35ed07a7fbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435930
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 23 Jun 2020 12:45:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlXGQ36to3V8xqjLskWudtLvmJEpK9h5ZfDICQf8OJrHBU86OwY2uTABRtei1a6FppoWz24q4XNOoqaKZGgAc0YjDo%2ByJ3gJepHxo2F8tm3Tm9jFbw73ancedzvxvm8bksxLqVWbZzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b35c3168f5-FRA
expires
Fri, 26 Nov 2021 13:49:42 GMT
260238373_4704605889560620_5974417257016650898_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/260238373_4704605889560620_5974417257016650898_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2237b7373e69635fd2eb4d6bb7f6e7dfc1b8046684b4c5ec604d4b3c4b8212

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 20:46:52 GMT
server
cloudflare
age
410886
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WC0SMzdP9BRdW96zjAYzJ0asL4xT%2F7lBNxRKiOBOFrg%2BuMNC0HNnCYLeZltaDlw9Er0DkN%2Fr4QO%2B%2FOhifVCnrTuUtnb9qHqWBuewzF2cpBQHuWg%2FqVQWiiGLqHbtEiZpx7%2FTF7Q0r%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b35c3268f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 06 Dec 2021 20:47:05 GMT
Diss-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Diss-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa98bb9ab6d20728aef09ead74af1bc2c41f8751728b7c2fb047fdf4a6d79d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 10:36:33 GMT
server
cloudflare
age
447471
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25X0Y1zEHeX1Q1J63VZHuSJYzZ1JlMAnZCwDO6CYCadC1BSuu2KlWVhjUGGdHlFG4fRVtq4b7%2FSlptMilAKvCSeHIWgYh67ithwbrGtXBq9PUltPtCSwclPiWoZYf6dCOgU6oWYVd7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 06 Dec 2021 10:37:19 GMT
260252236_6488423111229673_5489896311127904006_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/260252236_6488423111229673_5489896311127904006_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d945d9f09d0a35ad4dbc62e5782511772dfe3ac93f2dabbc787c322d03cb85ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 11:05:37 GMT
server
cloudflare
age
618555
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOSXjP%2Fp5w832y0yl3Em4BdTps2Z1%2FfXnTAv2S7QA8%2FkxRhOTu%2BcA9YSfNinNx%2F2PG6ALzf%2B7J1kVs2RlmIcgtR%2BxeyRWVX7VdzUHx0Rho5%2B%2BVe5XLr83chi4NPFBMRLUI358yj64yI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3568f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 11:05:55 GMT
Screenshot_1-63-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Screenshot_1-63-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908bcb5d904670a9e2f1e1808a99a67d7a68e1553e6d578663331402a6375523

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
770373
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 22 Nov 2021 15:54:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6SY4zEl%2B3y6BKEAB5gzdhhSxP6Q1pUuGFT100yNsWVjomSv%2FLYPKz3JXhkARW5yfpowPjNGmrFQW1K3NRixeV%2B%2BoXTwUZzX38wl1aVMxFa7u1bdQvml4SNLhWqsVWQ6zzAgkSUD6S4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c3668f5-FRA
expires
Mon, 22 Nov 2021 16:55:38 GMT
3257836-66673988-2560-1440-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/3257836-66673988-2560-1440-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec46daadaf419d6fecbc0089c08f29e5bcfa6e2ecf9b22425b9a29bc41785e78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846413
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sun, 21 Nov 2021 19:48:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ8rOuMVOiVr2VR74nHJxFX3AHI0BFHs8JLmF6Mfo28ttTHmPSIGYjj3oAq3EIT6mDZsrHUCs0JMPCv9I2Q3Ww%2FmzM2RXCsl%2BiB6L9HtMkCE0jmLbUwlAirdoP4UfZfH3e%2FTb2djESc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c3768f5-FRA
expires
Sun, 21 Nov 2021 19:48:16 GMT
yllka-2.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/yllka-2.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46747ffd8bcb4b6bd400727da24d3fc84b2dc9f26c515990fc103d16c80e8aa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 00:00:09 GMT
server
cloudflare
age
140015
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BAZOia0HhCM3xUn7tE%2FqSv9WuPOcbCRvlLuh7fjPWQIdewBC%2Fr3O%2BPRidwYbQ4umpmwR0JOdnIRReATS8M4xVf1bwbrMXLcaL8LQgOFVW1daF%2F7VUZcjKu%2BdpwsixmeSS0adz%2FfY9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3868f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 00:01:36 GMT
bu.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/bu.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679e665fa4dffd901db223205470b9a452783483c522eca9c01b5758afe0069a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 12:06:45 GMT
server
cloudflare
age
528502
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGlmY7cbmKHGlL%2Bx3LBPEnsqDTFeQG1R9FkxyAhtUVgDoUSwC%2FoDi5Ys%2FYMXjn0OePH64Ob%2FpEkq4kQPLzyrcbyPnE0ljcrpUiUBgyYQtqf0i3aq%2FhDhR6ecWlujF7FTJHypnvtPBRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 05 Dec 2021 12:06:49 GMT
Screenshot_5-32-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		295 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Screenshot_5-32-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e647382f1282f09489e2b97869fb5a6fbccb81f154189c50abc16c343f1185f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
608409
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 24 Nov 2021 13:54:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxcPoYRMzsteNcwRegji6gx9kW15dYGjFujgM2qmRWVlWC4yEgwyGeOl6jp3QW0tEmIxsQ142eszqVGiIoZHAuBlpcNPjXonZUMSYjUUkUy5UfPWUkpSQuKwwyZiNOsqejrp%2Fyh9T8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c3a68f5-FRA
expires
Wed, 24 Nov 2021 13:55:00 GMT
fifi-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/fifi-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f757672962e775dd13eb770bda0c3c56efb2e4f21fc7d3eead345831d291a40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 23:46:54 GMT
server
cloudflare
age
659224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtMnfcArhr%2Ffo335ucFib2qqrs2Xkz64EUnnaffdL9MErQfe89v00vxq0dVbsMYmOeHAEIuWvMx3rILgl%2FC9U1cV0YY5NUuycS7kQ8hj3jLEYlJiZRESjcBS6Hl2hKSqsYHt1bP7SYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3b68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 03 Dec 2021 23:48:06 GMT
tom-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		321 KB
322 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/tom-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f705f770a6fa01a8df22c732d0a83e28afa2229ffa7928b1686411916f8739a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 19:14:23 GMT
server
cloudflare
age
675614
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CB%2FyCowLUZTN8Ajer3nD%2FpTwN7SxJgmMm%2FN%2Fu9DKQ30ySljM67KZzaE8%2BqcLux3IOUTVF3KfribrAFDobE6o2XAbrW%2Fix6VodhW96SasrUVxc0xANFZzYRw%2FrSnURlQ3UbeaehtJdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3c68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 03 Dec 2021 19:14:57 GMT
bbv-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/bbv-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
083e5ec06305b2ab5e0580d358e0efc4e129d1beea48e0daa2649ae989e8790a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 22:06:24 GMT
server
cloudflare
age
751702
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0IT0jCRJpod%2FznN0hr2ZGpUocpygCAi7RFE%2FBzx6Oh%2FhDenoEqjChCKchAvB79r5w8oL93jcPuE0445eekdxRvgiU4EJU137I1M88zyBpUyB4D9HlM34EKtvaFRPAEYf5NXVzxXGs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3e68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 02 Dec 2021 22:06:49 GMT
dafinaaa.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		366 KB
367 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/dafinaaa.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b9d64cfebac7f9d1918fb190b9c3dd364c50eb1c5f65a4bd7d9ab644c4b36a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 01:27:33 GMT
server
cloudflare
age
48402
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lS%2Bw9FXnLkfD6IUcKFUE2Dkr%2BYLc7DsiTL8gWWupXbpBFo7CrLJFAQPrzxv1oJcYqR%2BIYWwwfGG5EV6vYX0wNPd%2BeP4zsZ1gywvNQxYL7LJj8SoAU7l8LQtIS2KZODiMeFz2LrgIlO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c3f68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 01:28:29 GMT
morena-1.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/morena-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d083c6e9d075a74337b0020d05237569e576aa8a1c76816cd94d6fffc798673

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 01:16:30 GMT
server
cloudflare
age
49071
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AbD2qdNk1fIvTwHfJFI4z15POjaeNtECQtNjroWldyo6v590BeE1TK5iJTOrtFJoJ38nPnLtbWjfN29GE1ZTsKljW95KraaVQmHngc6%2BjRLWzLWh89Orp8l1MvygfrwTvvDHoahuhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4168f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 01:17:20 GMT
aurela-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/aurela-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838566c95c446f778f5d9d221dacc74498942b6a791ee11b7486b261c44462ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 01:05:05 GMT
server
cloudflare
age
49730
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtF68D0tJ6L1pAdnpRzb36i2vBY7n1JuPQaaj3bPayb8erSgDM12FKMZwQUXydNWyj3c%2FMRiSIpKj1fVZcPjz7gJNRNRUNHPr1OtmlP5yI%2BWUYzr8duEx%2BNAiHxSnOLstnps1pfFaOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 01:06:19 GMT
arta-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/arta-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307c5e8c0ca7aa5c526ff2562159f3d95dc7bb61b2236fd7ca77485002106719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:58:12 GMT
server
cloudflare
age
50142
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhpWw4HBOpmuc2ILl63RYLOyotfl81NpV9wL6e1CGS78LLNNHHOCGczEWu5fVfejPGcz4N4FyqXS990kJ4qtqHH578sOosohXAnTOyvjL%2F1CvAcLylYbJpnvhuK1FFimHt1KxOmLrRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:59:29 GMT
adriana-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/adriana-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42872ff9283185ffcca9ffcb893fb7f5e25c3f921a879423a77e7b0f80a3ed5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 21:39:41 GMT
server
cloudflare
age
61881
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCLg47qZl1cBFm7Te%2BNGR82u6skkN%2BnXIlhDNqQYVymYpleEJlQPgMOHcXQjK8tJ7WnRmWuK8j%2F5smcn5TdMKUFyXjgu17n2zkaJxVM0%2B5eJdrUi4GAIozkxvMbkcpIJm1YBJJDMbA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4868f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 21:43:50 GMT
megan-11-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/megan-11-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3346e98e05c980067007505c9c802c6cec49561f2720bc08a64c808ddec0d9cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63006
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 21:22:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPXVhkPnbEhXPoxOjGY38SuIIaoXgS2%2FvQP%2FlOhPEk%2F3HnCE%2FVmNJ8mEIC2M7T7gN4efoaIPy0bVS6tSwUqxS2JeY0NgfZ9jFOnk1E%2Fx2SWb3TEAyK93qtNUhDOhfuO7EODy77Q9nFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c4968f5-FRA
expires
Tue, 30 Nov 2021 21:25:05 GMT
tayna-8.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/tayna-8.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712b390b52bafb264c7901b11ebe3fed9d28e72e436d75ba467b1f0d8347f847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 19:01:08 GMT
server
cloudflare
age
503623
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaaJdneMDiklFdLsC2%2BrtYqQHU8AWT4aY2JcMSnIjU2VeEMKK74yUY6C4577L7ulc4QLlYLF2zBOKg0TLl5h4NhFA8tf6p7m7yrtGLliiT4tN6SPBjAOqgGtu9H32GhzkyjfIj1Zh18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4a68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 05 Dec 2021 19:01:28 GMT
grammy.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/grammy.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1f1e8071bf081a7986eb95c9e4e3ae548d537e4dd794ddd161438e719ae187

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 18:41:45 GMT
server
cloudflare
age
591202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVo%2BkzDE2wqO4aQiRsM6QNsUEP8W9O51HHQvWw%2BgN%2Fk5iL7z2%2F4Y60wXGv%2BKZLULMP2rdVjyU0CLhA8gZzZmAtu9zYgobCvyreXOMytlwPTNMrQvRZS1vCvolAb6Lax4QOd7w6SKygU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4b68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 18:41:49 GMT
bujar-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/bujar-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53779a47004bf1dbef1c7c2de44c6aa02431c9a83b9a004cb1e3dc5bc9b16051

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Nov 2021 20:47:41 GMT
server
cloudflare
age
1015638
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAUJztvIYKWmmFql%2FaE8a6z3v%2BZipMMq7AkUNZJcIkcYgOjGnwU%2F3M4RLWpppW18d4OyJDEj8UAzriSA2VsBHFHVCTMoJiUoaBm%2BskMJWco%2BB8uN0Hct7YqOP0avRM%2F66fqUrQXmPyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4c68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Nov 2021 20:47:51 GMT
kida-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/kida-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caacb11f2a4120d70c02e77a923e6a91aea206405f459677bd81f921a00b6a89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Nov 2021 21:55:15 GMT
server
cloudflare
age
1097804
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr7zImd0m15dF8r2C8acCW5Md4FWCPVOiwxEciSjhZqAKs8E50cEn6ysQ4oLqUucmAEDZovYzT9HdFJ4trD2RUr0AALhlhtI%2B2nWKOsJzTDEj4QA96DF3w88cBmMy8bmyBNNht%2BjpIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4d68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 28 Nov 2021 21:58:27 GMT
dafina-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/dafina-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd736dd2bb92692230c9d2ece335d9ce04c07b492614816dce5c18a0fb655d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Nov 2021 19:36:01 GMT
server
cloudflare
age
1106310
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yl43BWAmnlvQz5bIISwKAL5wfqC%2BvXU635n4KHXVI7z6lEm2Pm%2F4Se6x9fqZc5ooj3bA9aYKXDSCQO791taeOBeRUju5kTFC4c54%2F6KAQICA35ORvQKdvbcr70ZC42GaK0FDrmkIA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c4e68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 28 Nov 2021 19:36:41 GMT
258435192_1297254207445681_8647542579650344171_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/258435192_1297254207445681_8647542579650344171_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c405467486e24c37c6ec2f544955cc3d9f64b16f3ec3a53141044db19dfcbfcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 18:41:51 GMT
server
cloudflare
age
1195990
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xFI2BhpvZlpYNCW2icQeeWAAs8WEdJsGuRMyXJDAS6wCJMSJZPRbmG4gOmQUb35d3d1AktCLEhcPKnpwvrQ0ZRLK4Ums5IruScMVVGTlQBQFGfkxcUKJH43fQfSO9fqccrictRcjsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c5068f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 27 Nov 2021 18:42:00 GMT
divorcet-685x383-1.jpg
www.gazetaexpress.com/wp-content/uploads/2020/07/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/07/divorcet-685x383-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7560304ce110aeb9327cc3894fdbadd12a9eb9e79facbe2490b0004aa9e36a9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2854
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Fri, 10 Jul 2020 14:19:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMQEZ%2BCZr2r6lc8347654bvr5J%2Fj2OV6keOiQIovyOYF71Z8L8wSOoExGZVu9FyHWfQkru%2FYHS%2BrJY%2BZrUZ0Tatpdd4L%2FpMbrRykP2nJWAdt0%2BbslwyvUQlOIQTZPfx%2BJW5mWBTzigE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c5168f5-FRA
expires
Wed, 01 Dec 2021 14:07:38 GMT
Screenshot_2-2.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/Screenshot_2-2.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde41969c0e365ea3e06156c66bea979d8a0446021faac599664a0967c7922f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 13:20:19 GMT
server
cloudflare
age
5644
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njM970NDMrGJgpXJ4Bgr4VzyhOMH9iGvjxa9tpdxchxOKAkLI6wRR6WMy0zMHd1ALn3BK5wRb%2BHwci3iy90GF21p8Lr2j6sJA%2B8il4qv%2F71nsQDMLbhb4QRvTRu%2BhXAfwgkdnXJ4yJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c5668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 13:21:07 GMT
640-0-601d4e311e9c8-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/640-0-601d4e311e9c8-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3399a1d98cfe824ef01eec47d9d8743eb424645874c9eba73a8e263f2ee04295

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10058
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 12:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mPPs1XpwgyIV7hNJMHgkaLURKNYPnAdM2SQ2Lxv3e54%2Bfh2xojiYlNfO6e6SGIRZErI4q%2BNi6YAKro08E4tMfg103nQw6YSstJ4gBP6mKY%2BH7k%2Ft6qpbRf%2Ffg8iVkbHfRF2P6IGWwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c5768f5-FRA
expires
Wed, 01 Dec 2021 12:07:34 GMT
167467754_481187226572241_3106666718272115762_n.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/167467754_481187226572241_3106666718272115762_n.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be3c2a509b2ba83ba761cd3ba7069c61d8d0b89b7ceb2d5460c854ad273e20e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 11:19:32 GMT
server
cloudflare
age
12908
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUcjqo%2Fx4fWuYu8pwpFs6md06cmDokPGqBEO35b9lDV%2F2g5G0M65qGygBofIV9MfEy%2FHYaCSOV%2BKb1IDx5FKdy6%2FdPmovbLvTJCywS5PxaVkF30q%2Fu4Avd40wo2Lp0JUCh%2BiZ8KdjZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c5868f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 11:20:03 GMT
Shkurte-Fejza-75266909-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/12/Shkurte-Fejza-75266909-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430ca61d2ed2e400869abc8d175d96c7866afff2e366450f4fc436efe325b1fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13529
x-cache-status
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Thu, 31 Dec 2020 10:17:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkcPN7Gk1DP9pjByxfzdeI1q5fPKj3SseAuDq9jm9InvXNEfTxCaDx%2BhyJhHEvT%2FfAzOFBEC%2BlHMtAXL%2FhBQ7FcUPlEjF7F7hgOFtp8r9naHvinaeLD%2Faike%2BcBInJLpHDbMx3PH4nE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c6068f5-FRA
expires
Wed, 01 Dec 2021 11:09:43 GMT
DonaldBeatrix-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		321 KB
322 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/DonaldBeatrix-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15f9338d3cd8c49c06a24fd2f29ecc6dfd96e72d10e9ef58bf0e9f5cea66b7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 08:30:49 GMT
server
cloudflare
age
22952
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1Xeo1qDsNMXt5KUFt4w5kwB0N4qkyAmDcrCAewH%2FVPpo03ZQFF4K09W5r83HYYFejU9Xeqf8gIaxDlRp8DT2Kng5JCxdY%2F8C161oPvTDxs3v6Szpjbq96on%2Flzo%2BLR%2Bv6zPntAYwr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6168f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 08:32:39 GMT
pesha-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pesha-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8797b0d6fc319de6a3b06a2cd9b2c2923af26def41bbebaedc47c758c968a3e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Nov 2021 20:57:37 GMT
server
cloudflare
age
1101438
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29Al5kxtPqJuU7ROIyo9i87SN6IA8wi2KtZmqFNot3m3wQzMhm9AsbehNjOf9ZxgJNkZZsCLTMEGPLHcDYvUJ6w9jhWB7BMD5DadpzDW25ba2d%2FvUbpVLxdGKoJMGgCRMe89bSWotUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6268f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 28 Nov 2021 20:57:53 GMT
trupi-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/trupi-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37891f7c15a7c9e0059422a9933fbed77130bafd1f43236a1e35ad6e2e4edbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 12 Nov 2021 21:27:01 GMT
server
cloudflare
age
1618076
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2cr%2F0Hlfs26i8DK8TSPoaG%2FtpAxRv4lpEjyqrzKOzY6fesZXPZYeFtF67RT65C1V4knarX3kHJSfGE8EJlCxP33JxxHGP9ji7mllTUIL247sFHt%2BOwIfKkmVudKzPGI8iFTtlJcL90%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Nov 2021 21:27:15 GMT
pandemia-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pandemia-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58fc060a3f7c6317774af8a786c012cbbf2f20aecc5a67611ea6db23071b66c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Nov 2021 18:56:45 GMT
server
cloudflare
age
1972698
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMBL89sa7wRBQB31n65qZGA6RNp2I64yD95CbthXz9B2Jb6WIPnjMVVuQwpaExQkZbhLgc5LpSSXPRV2%2FMxenpZQFGWWPd4gHMm7U9OFnboh%2B2oEj%2FUVZhM2AfhyzpzDn%2BFoqWWFU5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6568f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 18 Nov 2021 18:56:53 GMT
gog%C3%ABsima-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/gog%C3%ABsima-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57fa66f671c31657881d8f7ffc795101e8f04b8d67abf5fa8031335d257cab2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Nov 2021 00:30:07 GMT
server
cloudflare
age
2298292
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Toa0yGPg7soKh0DbdRsj1b4TAyNKQLWAcc4ipH%2FqWvg1J%2FrV2f6hJI2oL8iBNopPWhCD3%2BXaZWmVcPh4i2aVnVdlObyuym23PRS5CjrXlBcDQAmJyXeGsekLxAvK33eSybeHODZEeaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 15 Nov 2021 00:30:16 GMT
patate-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/10/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/10/patate-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e235103e504c0e1666930db8178734675da9761655d4193cf2fbad4e8da1e91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Oct 2021 19:15:45 GMT
server
cloudflare
age
3181043
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD%2FgeY2zNjkqTmtI9gS2Jv%2FQfu%2F6phHRp5PV9sxdUvfZL29Hzz7EjVDKfzKFAsxboFP9FaWx2NK4tXrjPgTb%2Byl6kgO22ytsVH0rhMu06KB7%2BsQm1dg9P3YpIjLoM1fakMFsmodxoVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6868f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 04 Nov 2021 19:17:47 GMT
pandemia-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/10/pandemia-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89baa7d058d08c84a3039aa7a4da0b8ea561e91cdf792136e121d8f025432631

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Oct 2021 18:35:40 GMT
server
cloudflare
age
2975731
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZD3Wo4SUJq0l2Aq3JShH%2BM2O3Pph%2Bno20RR4EmAdHZSoK8NPk0QK9EyPpOzhfXzUidPM%2FnGMFOtLro3ya0A5Kq84bAZUox1ZA7qbuczRZ25J81RO%2FA%2Bf%2FMTY7QtOaoMCSV4shy37tY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 07 Nov 2021 02:10:34 GMT
ushqimet-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		378 KB
379 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/ushqimet-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b42450c61033c4deefbf06d5bb785568022672c8dccba8e13ddc5244ca3189c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 19:06:37 GMT
server
cloudflare
age
71301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wFfaFcbAkGeVQ7anV2Mvf7zSoXb9Ao%2B4YP7bSETtohfJIEpMYlght%2BVEFJO5JDnV8RfDVJBCHGNtUuugT65VU0M3bduICuYETT7oEHLpj98tzFyXeUlWuc1cAuWTt2GKrdVhE1qBJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6a68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 19:06:50 GMT
kanceri-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		462 KB
463 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/kanceri-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69dc8e4bdca2a029ddba62e0fc90a31816ece51e1610b5d7ead08b5f692fc23d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 18:37:24 GMT
server
cloudflare
age
73056
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F6CpP04YufpHXOnUQDP4V%2FkIyaIRIMCP5X0RyH2xV0AhExW57BV0y2sYhyjifp2MMiRo9qyrMd0M849iipzarEygKVG5g0DAOi7XIZsD6pKqK1nu7J3dPCTBvl201UTrmpYAHcv5yw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6e68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 18:37:35 GMT
klima-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/klima-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce045a7fdd232ae04a2ebca06705660f5659ee4c01e8c73b3eae3c1b304ab96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 21:37:36 GMT
server
cloudflare
age
148648
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2ErLHYUDwJ8O4lf%2FFDIMORdQA3BzmXXExG%2FO5JYYRdVdq7ld22GW35SKTyTShalPeh8m7q9DqkLaR7y2IGzaJlCqWjmpGxFE2cOojQ31swrq0kTRVQMrnquql0mCb4ChFYp1L0sI7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c6f68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 21:37:43 GMT
pagjumesia-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pagjumesia-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a3ac84b00c618cdedf2b8a3d8c033c3499e5ce1b4f3a3b24ca80aeab128748a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 21:34:16 GMT
server
cloudflare
age
148845
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWLI9Q2B5GU8l4HQqDXuitAX%2BxXU%2F9lEd9MWneOM3YP85z7I2%2FYZdirxrO6kBtSl8tkcF%2Fo2HR1leNp2uzG4lWlSsDSeqXsJp%2FxSm%2BbIYN7mGSv%2BdBRnQTGsYpnk5b4sMoONgWv2S2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c7168f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 21:34:25 GMT
koka-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/koka-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50546db9a553c4348d88b070375cb8a4ec8c22f3b0480ae4073d3b4fc92b9a83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 18:45:30 GMT
server
cloudflare
age
418172
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdanJJO0lKL%2FSPbA0CHH2vHE4STA8WSfJz0Tdndwd7bM0P9qH2FEQ3GLI4UAmnvbYH7fkT1%2FX3QxTpe5Ff56AoaOUze1iWxBg34o1MK3jidIYdW8kXqJz%2BtxylkyYA4Pucl3FIkpxrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c7368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 06 Dec 2021 18:45:39 GMT
zemra-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/zemra-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f531981e8163eae10f4389e66151dd5987d29268a606c000b3b3e3c256405e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495544
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Thu, 25 Nov 2021 21:16:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFe4boTmF08D%2Fbqa4zN7vbShTci2ajlk0wJn1dnMKqZZC3vKq3zQA6MGyxfJYnKyMLXt8%2B3hXlU70YQOQa%2FJojGmpUcaToUKvNT9Z8hls%2FlMY6OkBcwYyZZ1a4swMKvJvTdNNK2PXHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c7568f5-FRA
expires
Thu, 25 Nov 2021 21:16:08 GMT
fasule-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/fasule-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20875e8a53ad313193024a9191b5945cb309e4f0a0b64a911af267596678b67f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 22:18:47 GMT
server
cloudflare
age
59767
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Raa2%2BvEgN%2BZU1Oa3kg9UEftB7n8v2Gn6WrlWb5QcFP0KQOOPZsQWFQKQfwbsGJjNMomNKoeDElvlGrYrUPwDnffY%2F5pZT06P167UVt9jUkpw4p2UhRmgMxHvFpGagUZGl7c8dyMGY6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c7768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 22:19:04 GMT
kura-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/kura-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1cdc1765230ca931914efc9d77f09948220a31fa4ac9baa158a8e9b3ae24e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 22:14:50 GMT
server
cloudflare
age
60014
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P1TbgRI%2FxZNjxueQgEPuL46rZEtqFS0J%2FNtJgpPdURD8MVc%2F4GVXnZhlIzvUKGYvoTfj%2B425kBzcQ5fR%2FBkXbObYDGQMlubNUMi2%2BAzYa2IGXXiWMTmGGH%2F5TCU%2FvQKUwpnV4AJpgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c7a68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 22:14:57 GMT
banane-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		231 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/banane-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627cac56902b79832ce960de0a9d92d03a9ff846c2387eb0ced424179ae66a79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 18:35:12 GMT
server
cloudflare
age
418772
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtVzQ9WZctVqy%2Bm0K4EdigXNRxxg%2B8KdZm27LXm16q6QWfqxoPxBWHEk%2Bl7xSOgv2vt8O6c1qVFR2o6PAjteECVjWC7puo1UgM1XmiWBlmufFPhaRlL%2BvlEhf0HK6SdzcCiRfwYiHqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c7d68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 06 Dec 2021 18:35:37 GMT
ushqimet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/ushqimet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81eef69db36430ffd22277971c0d3dae40564843ca0bb10fef95143f8368844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 21:13:47 GMT
server
cloudflare
age
495676
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJoW7BzUz89dgXx70x63uMwICWieLHoaxZawogPY%2FNxoFWLpDwS5YTOjMd2Cy%2BkmdwosM%2B1Y2rqspT%2BGuiyTd7dHTGKnqgplGl%2F1M17lJOQMugJXL7sfdzq4bJQA%2FxvrqoAMshIfRro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c8068f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 05 Dec 2021 21:13:55 GMT
mushk%C3%ABri-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/mushk%C3%ABri-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b35fd44bb23ebd7524f19ece3e583c29dabadfdf047dcbd2a1f1ec02e300cde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 21:16:15 GMT
server
cloudflare
age
581929
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7KCfIruWHTPNce4b5NCkSUYnI1nZrMMT1JGUSQttB1LlO0ojl%2FCRbpbsxMHHBTetBEA43c888%2FPbNvUJCv1B6NxYdy5eCt%2ByGArJUzYGuAFMnaCAn04EAuuwfjAoOT40Oo3skkT26Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c8468f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 21:16:22 GMT
buk%C3%AB-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/buk%C3%AB-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f0350cf913538846d0b770ce10d579d3aa51daf5e7566d3c4beb89d7824fe2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 18:40:34 GMT
server
cloudflare
age
591270
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUmgu2HL5WKPbUCkgXKBA4ZyNu6r3xU9yCOB1QefvqfcbIlfKb69oSzuM7Kw3YoJo5bfhs8Ki4m0D%2FiOEmnP8cZ3s8fwGxAfUhiWZT0zefUhODznWMc8xyW8cbUua6DR4hzhblYnQOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c8668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 18:40:41 GMT
sallate-turshi-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/10/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/10/sallate-turshi-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3462c9cdb44430568b23a58b9570090b5990efeafd716f5c5b02d35847aa027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9176
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 27 Oct 2020 15:42:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCSWN%2FisQhogwUh1Tyy7l6ZEnCn9gWnjQmkATWoShzBpIPkoOXwBodVtkZVt6tvZtAuw0jRVCRB%2Bq55L9S4WZldclLLYbNFSlm9FYpO5ph%2Fh1edY2JJYm%2BXgTtkKmA0Ckw0CFCvcDRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c8868f5-FRA
expires
Wed, 01 Dec 2021 12:22:15 GMT
kripe-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/kripe-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c460f71df781347c711762afbb36adfc71467497eb187f9ef5cb8d91d8ca933e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 10:45:10 GMT
server
cloudflare
age
14939
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGkkD%2FxCJ5Y5SRvDe0XVb32ybpFRuKS%2BBKGerwxzJjttF%2FDn8iDGUT6dDQbO%2FZJTa%2FPq9OXeqPLDh6bh9wS89rThuQ80QJ34Y2%2F3iwbPNR7qLXRCILh5s49YNKfpI9nZlaZH1jjgJZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c8a68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 10:46:12 GMT
auto_limonade-780x4391629898957-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/08/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/08/auto_limonade-780x4391629898957-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ca3632f72034d5a61c82f5bc7efb21e2675a1cbf94b3f56aed4bb399399c44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16078
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Thu, 26 Aug 2021 08:42:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNFLbsGooVBCElapHA4xoVDV5FVzGBjt%2B%2F8nsU%2B2CCfuUo3Z3K4k89fVRKIKIOzOlGEhn%2BE1RqddjeuF7g7YikR4gVUBsOggrKlj0O0kRSg29PIKRtmAuZDrxWudYLz9nmqE53o3A4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c8b68f5-FRA
expires
Wed, 01 Dec 2021 10:27:14 GMT
auto_caj-piper1638343607-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/auto_caj-piper1638343607-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e351da2b0caa003f26223d771ee7b468276401589ca4b1c18c8fbd448fc879b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16174
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 10:25:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI%2BeQvnJ%2BfCqAjSpCkyEBwLlJaQmY7zKrPKqRwx5fMiXg%2B4kGlOZz4CAsPf7kAZMt537Mcp6gXKv3M%2F3gD%2FibkLFDglZFUyMZYOXOdUzsP0%2F8J9OsBADSr0DQolqV0xR4ifDLNJZJl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c8c68f5-FRA
expires
Wed, 01 Dec 2021 10:25:38 GMT
261756463_3128433160709241_3663175902062491066_n-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/261756463_3128433160709241_3663175902062491066_n-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af1f5cb933247732ac4e4d5cc8364c074e133693673d2b34d6035aa217a249b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17861
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 09:55:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KA0u%2FiYnqK7TxCiT2DMzd1K2%2ByjQErNMKbS9LKIfmud7BziDklsASmnuFSrhIVVlTqXdH%2BDra7mTxtvspuZhTNmEDy5RlX7p4DvHmFln3Uvg%2B%2BBXXfn7%2BtnJaN%2Ftmxg65DPTMpgX6NA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37c8f68f5-FRA
expires
Wed, 01 Dec 2021 09:57:30 GMT
studimi-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/studimi-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aea223ccbc6430c838198f6a87f4359a830fda5bf2fab7f81cd8f6abf0c345d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 09:13:24 GMT
server
cloudflare
age
20414
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9%2F5xpoaSHWmm%2FOYUHWiQQ8kYF0kyF4N%2BhLyFqJwgSISN1ItGV32RuZBlqKvJeqc%2FDlx%2FgiuaUTj2q6E4uus%2BP%2B4c3DQGwhzR%2FY9cXPdq%2F2rrRZNUpHzHPpo54Rh0iTku62uPsk6ezI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9068f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 09:14:57 GMT
kinema-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/kinema-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5ac0529c014b2a64a5209cfa22c0a0fd7799b6f80d6cb1098b0d3f5f68749f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 22:50:25 GMT
server
cloudflare
age
57879
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOzG3l4ISk04WN4jNI7rfQuKI6IFGH2E%2FoKtmKmH01Pls9uudu92b6AvrtqLbZbtUx3LcilRwFlZ8gOuwLqrwhkOcRSHMWUHuCCPGfOGWY%2FUAW7B2ZPca5R7t5F%2Bp0NNZTg%2Fdr22pRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9268f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 22:50:32 GMT
programi-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/programi-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62565eac25e5fbc0ed4528970dff1dcc76bd991114b703aa97caaf3ca24ad65a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 18:45:32 GMT
server
cloudflare
age
72388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myzf9LHnEqJMYz40g4QkskcAHCEhz2mnQesALVK0wpzb53fKaNkIieNIOJGL9J5knqVz5vJc5Wbx%2FJ0LRbO8lmb0x%2F9Jiw3dSPIAFp6jf8tszbiP2jpxn6296o3saz7mfMPw4hAIM%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9568f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 18:48:43 GMT
nensi-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		320 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/nensi-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c3a2b9960ff10f3d72ee4cf998c41b7e155b776f57c1e2095239aab15f201b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 18:39:31 GMT
server
cloudflare
age
72877
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX7B2D3WBr00zmEbQtTvteuVBOgLtcclgDtPTXlnjOIRrbFfcf2aws6VIFIkvD2WGHKZEKBreD1QxtIsFh2qjwDJHMENVMCewMeo%2Ba01l2dpOdv%2Bk6idsvINaqZufj1KfjbaaGJ4usw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 18:40:34 GMT
biennale-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/biennale-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df8962c0d12d2b530e81caa6122a81d4cd2684348d8d7575e6dce9010ac1973

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 18:27:05 GMT
server
cloudflare
age
73675
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVWeUgCqlU2BLEvLUgDC9VNKfB9dqDsIjMFG825LW86nOmTaisB7%2BtG%2BtzD5LNA99zPD5qr1tB2STQDgCv1thtEGKnKZtJ4nDazoZ8rBVT5EqsWiocmqTVAsRmYX7F6FDzImsJzLiws%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 18:27:16 GMT
199080837_527512148692930_6133578569909226886_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/199080837_527512148692930_6133578569909226886_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e89c2a4664bb0ac7da38742c94529bf021c72222cf4cc87ee9b606d9a7152c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 11:43:42 GMT
server
cloudflare
age
97875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKXTwmtiMDx1DJZ4z0mtWbuebYd6GzpyyvwxQHCxtYvhaJTfVN7cRFin1PlSI%2BYGmPxVPx%2FGlnxgfpM%2BDQVZd41spyC386ZsaQ5sJD%2F8%2FpEwg3S1CR%2FsDWKOPxsHCpIJLlTow8WqWME%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 11:43:56 GMT
kafka-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/kafka-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef2b81205496ce469be69227cc276336ca0b83399513cfa033430270458224a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 10:17:37 GMT
server
cloudflare
age
103033
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZaqkHw%2BJ6s8Kl2p4FrfsmDt3A%2F%2FKmT%2BYo3MmgJMvtx%2FejHh8vHwASMtxQkqULyIo1%2FgxLXGteAHXTSn3lClUNbzdYZo9qGZQUKEnbwixVnetoMQKcJhzr2fylc%2Bm3gOGa4Fdawzn3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9b68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 10:17:58 GMT
alphabeet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/alphabeet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7528999137e4eade01578c6271291ece43541c53ee54a41b32a45a11773f7e96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 10:04:45 GMT
server
cloudflare
age
103814
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk8RWw9EAyIuE6a1xCaVCSwOwCSHjGu11q2DO9vpOx6c7gqlZxOBdMK%2F9p9n%2B4OMcePFN3W5Ny3t8nIA60mmMzSWNJDYNz0zIaQPf1QKHvVH2%2BSLDzXleKSlXIKrkN0hiZGyrXja79E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9d68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 10:04:56 GMT
flamuri-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/flamuri-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2c0ca4a55948414f3460ba76dbb0e095d7b4c3be9297b249d77470f27d5c08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 22:04:39 GMT
server
cloudflare
age
145074
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BxHJ6ITM7YfMTnfZWilulux84bTLZ%2BC1WdQxSZFA9DV3NTRfbFt1EV37uHJmJCrUvGkxodJRY%2BnGOLXqSeob6xuDmOCALhlXsZLL0nQkpRrWT%2Bxim9Q%2BM4b2YCeyXdZ3EIztLQCOLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37c9f68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 22:37:17 GMT
app-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/app-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970c1a923e7d94ae1aed4e8bc432d47c995ac06261274df5aedde4a024fbee4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:43:41 GMT
server
cloudflare
age
51084
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vv%2Fn74x4Gx%2BmFEK0mh%2BED6qmEjzuqYlKRto%2FDAf9OFeNxSDGaYG5mei2ol3LPKPCBFtgGCdoSm2z2KmOhAgNUAsZ4%2BhhWqn0LJpAg8TV72RfJLBIgnvyUXSUs92lBK906U75c2ZeYmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37cad68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:43:47 GMT
twitter-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/twitter-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd6b58e0329ce4f278b636d2468537e1fa308943b0d3acc17c4ab4c12ca0a7ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:39:50 GMT
server
cloudflare
age
51117
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1yev2TjnHkOttHmNhyI7Otnd3RneMJtcIhvbFYD9GWHqdSHLTqFEx%2FCDh7OEkznTOMnEvk2xioa%2FeR3PcHWN%2B5Woxc%2FhntCCL0D9Dgbc6cSR2ImZPhJIckRfJQQjFs1to%2FJvbF6uJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37caf68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:43:14 GMT
huawei-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/huawei-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec680057c55a25a713b05306e0abf3eb3cc55a9e730cc31a15e4528f60d1a17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 18:33:40 GMT
server
cloudflare
age
73272
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWb0BvGdJANW9yHAtf4a9vYXzy03plVrQg49nx2OryRUCjetFDk7VI%2F6UTCDz4uuVoarF7GRKR%2FdOvjxM3VzcgOxkHSMch4jPKo6v%2F9gC%2FdoaXgkbb07gEJlXiy%2BUS5%2BJ%2Bo%2FZltGIC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37caa68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 18:33:59 GMT
galaxy-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/galaxy-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89c64b575e8a64b87fe7c797f0c01bef0fc2dd3b745d981eb11797dee02d34b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Nov 2021 18:32:29 GMT
server
cloudflare
age
73350
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5rQXEVniah%2BZwtpMI4ugV%2FTDPhr8HwQK6z2z696HCwiEy8R1Nl%2FeDT%2F1khGYsOiIAVQBb5NdhJefx996wjNQQutjPlrfGJQKFuDGqFMq0xVtAj%2BjDC8N0OKswaQyhghMIuTZzOytLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b37cb268f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 10 Dec 2021 18:32:39 GMT
174336088161a5d1ff9bb5b139530281_wide-780x439-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/174336088161a5d1ff9bb5b139530281_wide-780x439-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56844865f451301e7002222fb55eafef2d64d465d891aa4fede0959dfe196d85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96878
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 12:00:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zck664SLloxTHXD%2FjG1DDsp4vR2EJ7%2ByDkdJTZS3sYcRtYaMN%2FT8q6aI6Ovct8xJo5Jy3rD6Q9nfDNcTwHaRSG8WGqmfa9di6a7dCkcegRTRMtf%2Fw1dGTnbjJfAPoDMlG3VXqK8J7Ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37cb468f5-FRA
expires
Tue, 30 Nov 2021 12:00:34 GMT
google-5-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/google-5-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d9fb7a6cd6cfc60516489cd7ef272c465477e3d4bf785861c01e4db9e3b73e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143866
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 29 Nov 2021 22:57:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oj1cfNW7vNu2oCmo6XcSydo7aJnfIkX%2FlHi3BVz7%2Bu3Z4u%2Fl4wqEVfrs4eruopLQX5zi2kduYq6ZmZkVF9F6u6MsodSEgpdXsVh%2FBXhExGy%2BA%2FM1DVb7O2sTw0cMuAv3yZNGQpvh6U8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b37cb568f5-FRA
expires
Mon, 29 Nov 2021 22:57:26 GMT
apple-3-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/apple-3-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44878cc713733eeca195bd6be3ee86118b17439c36ce1392db3dbff6d150b922

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143976
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 29 Nov 2021 22:55:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIYJfQdfRVLo4IETh6S%2FvVyVU9NRXFKVpBV6Nrenw896wd3AHtzaZp7sSeeuZRDtRhInJsfkWr5D6QMWRkt29wHTj6zfWUvLeRdF%2BUKPJ9o6K%2FPbw6V57x9gFyCgTIGesLqEOeX4wu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cc368f5-FRA
expires
Mon, 29 Nov 2021 22:55:36 GMT
iphone-3-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/iphone-3-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66ca58cbade31a20bbcc4e38cf4fff5fbcabe5a77fcc9382b76b95840d0fcb62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418320
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Fri, 26 Nov 2021 18:43:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a3XJZqV6F8KxGMQqqQYjgIsCvI1I7g%2Bj9KPRwWtuqkyEbXNrrDwvMnAnR4RrOZj7C81fb6hyOYzO11jCLd7MLdTNEo8u5k4njbLY2HoPiLDrb8C0u4RUvZZ%2B%2FLIjDquzKVRLH0yXfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cc168f5-FRA
expires
Fri, 26 Nov 2021 18:43:11 GMT
google-4-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/google-4-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c236da4a684dfb436d2c27a120efb34edce673a76565c3dbf42729b74ead45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418528
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Fri, 26 Nov 2021 18:38:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb%2BIJ5NdLNaaATL6Xh3XofsbZZVQtfrZrXzFwmOWJn0P5em3%2FKRftxDo4ggv66vDlU0h4XewhCTGQTdyNQRPRoVu%2BOy7Ve4P5mMJc9IZ7r0zTa1WBU6Cz6%2BbCAjT%2Bfl5j704QvtdRy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cc468f5-FRA
expires
Fri, 26 Nov 2021 18:39:44 GMT
brothers-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/brothers-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffd2a1f25446b0da03facaf046dc8a40a5f163e2cf7ce1a01a5c4bdaffbb126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 21:46:10 GMT
server
cloudflare
age
148116
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ajrl2bA3sJor4ya9Af9q3XmC263Q3MZZzPMmLIEy6TQnGrFFpVNzfksZUNPURvgVXwtLhVXApBXNoM%2F%2BC32Z0sgx5BF7UiiJzr0oZUeqAp3jFCjRYC%2FXKpb3JYbNNnJsrh7zaY49rEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cbe68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 21:46:35 GMT
5568-3-640x426-2-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/5568-3-640x426-2-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61cc395833a9a5abf390b87745645a9f8e99308930cd7a760835895139e31a7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12607
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 11:24:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9LpTHgUJNzqeRR9sEsXm2UVdFc8rjl7i4f%2Fsp85IMDVDo0zayV3pz8ndgcsW%2BXAd5LVB%2BpwQ2iLThpDVV3V0xxRFjJtC5%2BPCrdN0pBPFW%2BQmkq7uynBbxOcAcr%2FjVno5dFtLV79RsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cc568f5-FRA
expires
Wed, 01 Dec 2021 11:25:05 GMT
istockphoto-1077741064-612x612-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/istockphoto-1077741064-612x612-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d7ffeb524e6a4ac5c9fc82962a510341ea5669c0eaed1b457900af3f0edcaca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19903
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Wed, 01 Dec 2021 09:22:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9pLxINlSKc69fxjfzPXkLv46uuDS8gfGx0ZBNj%2FZO10lEPsAyBFczEj2O2fIa7azBTbFJQY6HCeMVOvS%2B3KmYxr2NNUXxjmncvU6HPajwivjUyq8WT%2Fx1v25KEm11pPm8uF23nVo9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cc868f5-FRA
expires
Wed, 01 Dec 2021 09:23:27 GMT
vizatimet-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		318 KB
319 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/vizatimet-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d125dd07be92e071995c45c5a41f86356e04145646da419eb1c0e2dcb1b0cc2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:27:13 GMT
server
cloudflare
age
52069
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2gV04vDGywrafgL8rL693m2f579%2BjkwOhfE3iSYc4mTuIZ0HfTqWD7sKKUnd%2F486nk32psPh0JTs2Dbd6SZHZs%2FLisw6ZYcBbjDJWhT%2F7D%2BtR2kLQoRALOJG0K3PSuvknW84I%2FkYMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cc668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:27:21 GMT
p%C3%ABrqafimet-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/p%C3%ABrqafimet-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306256990e3a757fbf8a103817484800ec505f4c3c0896a6caf141c91beb219a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:23:10 GMT
server
cloudflare
age
52315
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdkZnzCShIyvNZmi7286iL%2FTvYVtr38llouaI356YaIRKAc2Gdumb3WVR%2Bbig1KErnSfOR%2FI7IAwsmfAqPry5dIYxpNteMG6zuXRIPuI5MmHZiSGXwydgKiELdgUdMOGhQmSy%2F2XkO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39ccb68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:23:16 GMT
33ae95a8-d71a-45fc-b425-4011f37cced4-780x439-1-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/33ae95a8-d71a-45fc-b425-4011f37cced4-780x439-1-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8cb2a3b1a0471032a31978a7374639f9bed710ae22f5f153fe2b956171389bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80048
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 16:36:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqgAdJSiUwU4zjE09%2FU3w3jgJcYM6rhTi9JWuT82hzSMZvki35KD1h6jarc3ydMYGcbgaYJhmHj0ljCvofYQxcmBwV6Ob%2Fc5XMVlYQzbSJeX5nOGI%2FvYKovit7iyDZ82GqOhCZuFfYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39ccc68f5-FRA
expires
Tue, 30 Nov 2021 16:41:04 GMT
Bears-1-780x439-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/Bears-1-780x439-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64927e61be38ae0543ef5301913ecb53c62f41e76e4a3ca8e01c064d0238cfe5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96952
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 30 Nov 2021 11:58:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBRmT6XzMegSBLRoIHsQTdvc7dcWqxgLAdwM%2BwNkXPwsdQIghWA5LckeL%2BUpZqWJ7bSscXuziYeTpWpBbPIEoxEjE5rUMsnyu%2B3%2BgLVEfxwDdKBDmTZawrb52ypUwvElX8KtSHog5Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cc968f5-FRA
expires
Tue, 30 Nov 2021 11:59:20 GMT
pema-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		411 KB
412 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pema-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b1e1f682effc8699de99d52095df064be2b292fdf32353f19787266610708d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 22:48:33 GMT
server
cloudflare
age
144377
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6sZNHlOoAD5iDmFSMoqE3ZiCcJQXD0p1B%2FjaYd%2F7MT2GYNMurN1N%2BJUg5sizquQBJO%2FuMPRyVn20mr5jbDTp5%2FDXobKOu%2Bt4sBEmsqv0JthpQXg5ilRRFOnsjD3GMB9%2F8CW0ka%2BEB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cca68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 22:48:53 GMT
virgjer-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/virgjer-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e64a49608a1aacd9864b73405575b42086e9556f5f06343a973b27629f6812

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 22:46:34 GMT
server
cloudflare
age
144512
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5U8yx1XBq%2BUoY7u0KrjIJ14pdTLTXy9AIClPZinWg0iQMWgZrc%2FKWIJMK0fVqqeJd%2Fe5K%2FTxoq2oGR8apIn%2FkIuPN9sqVu0IWzPTto53vJDJlMrNb%2BGSKMB%2F4gKTb1EfCZujTIUb4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39ccf68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 22:46:39 GMT
1526498272-1526498272_goodreads_misc-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		340 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/1526498272-1526498272_goodreads_misc-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcf5508936aaca874aceb8ede58da83532d11dade122cda0adebe69829b7839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193760
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 29 Nov 2021 09:05:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXMAbBa%2FEz3h1jh7cUYRvIsqAk9wsa55hKQAhia90O7J%2B%2FVtIChyoQeu2aOHx3sqwHiLnrHgzcIkIgeCLc%2BBUQisBgLzC4oIlS01alGdQjOw%2B48lmF%2BGtXP06%2BabPgAYtVLP5ZvcXRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cd268f5-FRA
expires
Mon, 29 Nov 2021 09:05:51 GMT
elen-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/elen-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5e7eb99c90ea057904e394b01b1008a4a37236ea5040eaf941692a3a7f21fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:35:53 GMT
server
cloudflare
age
51547
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0QydeJOtNUE6gEQ7IdaahI5Ld5sfPx3FqFyM%2BrrqF632YcE3q8Q6Om0COMd2UioOaRXEAGYLQL6%2FTS6z2ZJEYHrzew1Ft0ENk4JTFN5vvAgCS%2Fr56s4DmJawm6jmwCHHHqiomNdGV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cd168f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:36:04 GMT
mumie-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/mumie-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470ed218c730317577ecb1082da900de879fbbc5ab4ba9d2046f36300d0f8fb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:18:34 GMT
server
cloudflare
age
52588
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcCkgDf3%2BmlcPGZmA9X9HM0dGTzcSt9N0%2B%2BPfN8EoNTm7bSo4HYnnkGhEsOV3oB4WPLcejNhH0rRyIw2NvPAcbqfTHSmhhxPYDjJ0BN1SGfnydrUuQ%2F%2BrW3l0SEc9ZNZ7oNkvTaFaYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cd368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 11 Dec 2021 00:18:43 GMT
narcicizmi-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/narcicizmi-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0516b3d11a602201641b62a125fe061bd6037a09904b7d19b115df865eb9c907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Nov 2021 22:53:38 GMT
server
cloudflare
age
144087
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chWIX7eiO25ZE5V3Ijc3UrF9ga8Ki%2BO6YZGmg66SyXEem1vfwWsKL4lbmaJBxKdPHfGZ3bNXiHF3xzy5lOwfH1cdH%2BSAaTNMlOmWhvQHn4VIt7LVMkPg5%2BNbwkGJvXphdKjhqXaT70A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cd768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 09 Dec 2021 22:53:44 GMT
kometa-2-600x360.png
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		425 KB
426 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/kometa-2-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea538915fd24a4b97e0449f2c0b6f04879c2c1e0bfd08dda8c52ac93dfc9220c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144216
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 29 Nov 2021 22:51:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uhdSHyWkiJMuNfsp2sD5J04CNNH3k9tdvMxk1PQyKqn4O77MrpoS%2F3bnRUmwsAnKmCt9Z6GX6a2rt0%2Bw7AgeDBNPqcnaz1NOftjkpC74pSUI%2FgIJ0MQEPp%2Bq9xnuCI2U21OCBRqRWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cd668f5-FRA
expires
Mon, 29 Nov 2021 22:51:36 GMT
pushteti-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pushteti-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf0bf2d50c23d7a1dc8d2fe7feb4d689fce3b2ddbcfecdcff414e1f64c721248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 22:00:19 GMT
server
cloudflare
age
492795
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKvBycWT0k7yPG12znKZxC%2BI37Qfx%2BCsXGcL2YZTrMaGGhgwEdllDqa0QOFpj66wmi4sw7XNJDCWziFDsrveU7IN49OCL5CESiAymRs9O04YU7mrbOCbdR3mlIt%2FIX1keoTAXuRQGmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cd568f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 05 Dec 2021 22:01:56 GMT
pandemia-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/pandemia-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f729dd17edaf7ce3cca3661569898800e2b8aeb4fa8aff12363dbc8b86eb1404

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 21:57:42 GMT
server
cloudflare
age
493042
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhCN8ixhJfLERxYmWZ1XIppoKAP4ESYuvq%2BCydbywp%2BwqRoyPJ2j4wfhDbpWZwCTfmXjDbkqdppzZGG92dT1w317IP0bkd3OqcveKnkTdPnELJbVXcTueSai8w7giFkriPuVZrGmLrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cda68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 05 Dec 2021 21:57:49 GMT
deti-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/deti-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f912a74e5e5cb707d26f911a9292e89c26563b15eadce0d4e1b8573303f3b3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 21:40:02 GMT
server
cloudflare
age
580501
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxi5NvhqrD%2FlCvYKBV61WhXDA7hRNpNSeu3W%2FrvImYbHoTjgNHmvhyabihVdpSHKZxQazfsSGUH%2FxIj8F2o5cP%2BbsPQRx0w3jmEVV4UGAMGHnrRZo%2FJSxQH5Kd8o5BdkKSUKdY9Dhfo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cde68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 21:40:09 GMT
rrjetet-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/rrjetet-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6fecb3dd66ef7794034c300c934f822b3c45235194bacaafc6f3a439f0bff9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 21:36:59 GMT
server
cloudflare
age
580684
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oiJLlJBRqfjPuqMPHSr9H1ZOyqzJp8dJbzIstXLDFqbwI93dBc7qjbgSm5yQr3bH0rk9kTQl7va2rTVixlHnM19dauWFukNztGI3WchULcNx09GPlUond3EpXf66Jzp1H2l0jSrdSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39cdc68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 21:37:06 GMT
unaza-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/11/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/11/unaza-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78e1cacea5cdcc78038dd0b32ed1f6909744fe10952a4c5669b3f435246823d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 21:46:47 GMT
server
cloudflare
age
666004
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoKZkLcDesMilWaq43DjhV7G0jALQs6lDZfaZ6%2BXyAP41IZpqgSpu%2BkestJpD%2FOttV9A5gavG3%2Bw%2FIaq3et6j7%2BECF7HkzRZlSosQEzquafVikU0a8JKgOUA4i8RiRtwQVcibQXSSaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39ce668f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 03 Dec 2021 21:55:07 GMT
gazeta-express.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/gazeta-express.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWlT6iTQTJ%2FLmBNzlXQzujj5o9G%2Faa8nooVGEHSxpSJJos3I2mZ%2B89mbfOdv5x9%2FXkH9vvCYncm%2BspHol7oXesBSD9HofrMLc157LLmFnH4oWeR3Ku0nuFvh90EqlbI63LGBl1yfbu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b39ce468f5-FRA
expires
Sat, 24 Jul 2021 10:25:40 GMT
facebook-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		604 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3135240
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR5ymap7RcjU8zFNsAqp6zXpOStHlt3EaoFLmw8CtAud4NZZePIH%2FqqGGdbhIZRgLJw3qBe6hOzpWNFv9WR%2B%2Fych1voNcLFslpJ%2Fhf9EKFbkhU27bK0FoKAW%2FKflP%2B%2BhUUymJslmQHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b39ce268f5-FRA
expires
Tue, 26 Oct 2021 01:44:41 GMT
twitter-logo-silhouette.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		850 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-logo-silhouette.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzAaPA9qs6vAJo0HpkloI7vuzepHMX8GkEnMSYvz9Gh0S8Kyy30HA6fQt%2Bo83myUrY2t1OsiHY%2FtmaeNrOCe3eglwqgC6cJL1kRv16llpVIPgzyz9IUGxYXfltVUs2XjYwkkUjBnUxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cdf68f5-FRA
expires
Sat, 24 Jul 2021 07:52:38 GMT
instagram-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1007 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/instagram-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sEx5QPmRDrfMhS%2BZVcYfBnotJ5KCKmkpcj2tkbgN825HxIcz6c3jh1ULkvDmZ9fSF3%2F4czaI%2BHH%2Br7vW%2Bar0ft2HAG6jTnWJgOebTPlyJMv2UTssA4MQgcacqHMgjFG%2Fg0v6Tp6d1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cea68f5-FRA
expires
Sat, 24 Jul 2021 10:25:40 GMT
youtube-symbol.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		612 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/youtube-symbol.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8601712
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNYUPJfm6p6fb4c87GCk6DNJwTcOPBfuU1Xg6mKWX23pu2EkB6kuqjvJqdHMZ94uJvL%2BMcbtPN8f4tCvj5vQy7XRLgdhHJHK%2FV5mT0uheJr3M8l9AVfBappRbalAm6MP3BfyCYrjV7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6b6d27b39ceb68f5-FRA
expires
Mon, 23 Aug 2021 23:55:57 GMT
logo-shkabaj.png
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/logo-shkabaj.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public, public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
age
11248003
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRMClKrExSiTdHzqU3l8p7ssF%2BeCOGrFg1%2FhZ97g7d2VH7b8LmqHG84bkK9VxThc3sB%2FU4Xl%2BRAujDPF0Qo0Ox%2FGmRJhwKrPAXUqgTXz8FPzzMXuGZU2iqOhROBSZVa8tG1qBvWMxSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27b39ced68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 03 Aug 2021 07:52:37 GMT
owl.carousel.min.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/owl.carousel.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiCa6V%2BDUjaJq%2FfJzA5HWVs3V0imXhNEsSt6rKfz7iQX1u0XR5UBa1Rct6%2FwDXx1W7fAxy%2FJcVKinjQkwIZN1qPP63%2FjU1QRpwbpfuyYaWcyFu7im8a2H3v8Scy376adzx%2B0jmauVAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b30b1e68f5-FRA
expires
Tue, 03 Aug 2021 10:25:39 GMT
main.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/main.js?v=1.0.9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248004
cf-polished
origSize=11722
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 24 Jul 2021 10:24:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw5G%2FNG28oGUjVhG6SxtfH4qMihxdO96LufRUrt5rN74CSmVi7HlqTyuOTGENJs8FVNVvt7ZuOcIc32S3uAAMPkS3ncBu6d0w09SX3tIfNzM6IvfjSgecQvMPJyOXeCW1Q3an2ujxfM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b33b7868f5-FRA
expires
Tue, 03 Aug 2021 10:27:26 GMT
bundle.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/bundle.js?v=1.0.5
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
cf-polished
origSize=3713
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Mon, 16 Mar 2020 11:55:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt40A6mrHsjen4kxkNSdbErJ%2FyB952s1xoPNm7iNfYxuy62%2BFMcmNCDd8IptiT63Z%2FgyJcrniWQzVHKXJMw8dzKz5Tia8Q%2BWbe02F4uvG3m83ykV14Xepu0XqbaAirop9QCEHAO2Mw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b33b7b68f5-FRA
expires
Tue, 03 Aug 2021 10:25:39 GMT
mpp-frontend.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
cf-polished
origSize=331
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLoIda0BwFgu%2Fu31Z06%2FetBpxBZC4rauIrDSIkJROzoygQYVFAcH85kz%2BfeswFJyKbLesOUp9VtuDeDqSA0EJBW57%2BwcD6t5TwuhYiCYwLtdgE76I2P9scC3OiWKAiIaG%2B2LQNeN%2BVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b33b7e68f5-FRA
expires
Sat, 24 Jul 2021 10:25:40 GMT
wpFeatherlight.pkgd.min.js
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6870664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJIx5XzZlV%2B4e28D34xoiJiUmflxRxvtx39aJqY3yDmyYeRCxFiZfKH2CkfEzFgiUFMqwB61DYan%2Bt8d7oaoEaiqIIdY3B%2BMuBZ4zdvnUYGLCvPBMo5pRV6uvPHRFCmmFMedDbESjgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b33b8368f5-FRA
expires
Thu, 23 Sep 2021 02:00:36 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QMV6EstnP7eOCeB1tAQHINr53OdpPwjsVRBrhUEz57ZWMmdtDMTxKrY3uRKCCtTTTJSwXQ2mmSlSljdPP2ELKRo9v5uRnhdNQZMvgqvdmZueIFw1IbRxnBcIoNB1nIAIEozYkLrGV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b33b8668f5-FRA
expires
Sun, 07 Nov 2021 04:06:45 GMT
U-7Baa56EnJJkA-3VT33cT_3HbI.js
www.gazetaexpress.com/cdn-cgi/apps/body/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/body/U-7Baa56EnJJkA-3VT33cT_3HbI.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11248003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
AEMBGQ7NHSASWREJ
x-amz-id-2
HbYtGvHAxrqjD7EAI0xau87+HIueYu95K5JzNTy/VZA5Ag9dBZoflxLqGZvFajb06xnI69/Gyuk=
last-modified
Tue, 10 Nov 2020 13:59:34 GMT
server
cloudflare
etag
W/"a48224d294929710ccf63815c082d82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwxudLMQwgxwqLiCeygjd15bbRB2ntNmviS6D%2BPMpG6rZ7BmEo%2BwP6wUyW4955KdKd76U2kONmmd7If0y1fT53QieOBiIeJ8b8%2BQC8CxUD26gzzu0%2F%2BWqkQC3HARQTmjURaUq0jgSd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
OdY.zUSDblunDdofCPVQz2xapN1Ewriy
cf-ray
6b6d27b39cfa68f5-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6844
date
Wed, 01 Dec 2021 13:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 15:01:07 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-58.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
18823665
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
09ERX1wrpCPzV6FpvKH7nwnh_3d7Csim3caFkDkjuca-vcZTwwlQnw==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
EL1XDZyuO4OFFB2TR2fz4mmvCFxyDIiNx/cW00KiiZmWhkwqtkb+HM6qpOlzDWbjcqNmOkJRfrV5Y9pbnEx1nA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 01 Dec 2021 14:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/mediaworks/ 		167 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/mediaworks/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Wkc_rZlNQmNTCKBRxLriGeFlsoO3vY.7
content-encoding
gzip
etag
"0215be18ff91f9f8cf1f87561475194c"
age
21
x-cache
HIT
content-length
23804
x-amz-id-2
9rdxNUrGlZhYS3j6Zh+JywiJ+kaq34TP3zL8e76tSQ0U7bYxjqq3o5HPtq3ui2xPTIw0jWdZVqI=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 09 Feb 2021 14:13:22 GMT
server
AmazonS3
x-timer
S1638370512.928799,VS0,VE0
date
Wed, 01 Dec 2021 14:55:11 GMT
vary
Accept-Encoding
x-amz-request-id
K0C098P8FNWXW3VX
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
2
wp-emoji-release.min.js
www.gazetaexpress.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975732
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzcNX0oT6z6uPp47mhohiAKg57909nqLnAV%2BUFQqj7tS%2Fbm%2FeWz%2BlpWgDuhsWfymU8XIQUX3mAc4ujZSZhYobe%2B%2BIQNvzrD9DY1I5uhJLw0BC9f%2Bkti8rQ%2FIV0kZeIbPXipmSUoxdwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cf868f5-FRA
expires
Thu, 28 Oct 2021 02:10:35 GMT
Raleway-SemiBold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-SemiBold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66524
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUPRitpTjLnLzeTnoTbD3X08u0WSfFH%2B21wDTt1bC2soAX9EUFl8%2FnZu5MfvaMAu4%2BrAP%2FyFfarBKP5keTLvMmYwaiEWQhOQRnuEI5HcQluXZwHqQtuTAfiyUeTEt2dWSdjtLyF2EAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b37ca368f5-FRA
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Regular.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Regular.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65692
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLI1yUpk9JxtGfPQJYLQgYd%2BfJU3aHkIbAup6SSMzaH8H0lCg1b%2Fq7hMnt6mvEz53%2BIW0mKfrpuZSnw8KZeG%2Bre98tDCEeWC8%2BZBF%2FuNkWS1hdSkvZLXuBqUz34Y3nK0iu54pHuOHcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b37ca168f5-FRA
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Medium.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Medium.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65280
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHXVgM2MyCjspwjQNTBglbwm66nIsrPK7UjpdV98YVQdxF89UkyInzYrezfgO6rpduWHMNrYvLjydF%2BJtEr46rdLhxxj3gzYaXZdK0pPvj8vKtj6Jz8pBLztlhYUKNDJcYrOpl49rOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b37ca468f5-FRA
expires
Wed, 12 May 2021 08:31:20 GMT
Raleway-ExtraBold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-ExtraBold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84522dcc6086c5e71e7b83b103412d98cdb736854c1676bc92457e9ec1f61e5a

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65984
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK95wKD0g7ccq1gAlOXcbVRMOEd%2FgNNtXS58Ojd2coD1SQTjDvP3TdH2CMhH%2F1a0ffsCXL1SDEUrR3Xm%2BbYDQhfuZYSIzHQDCv7qPbydkZauLp%2FKqnxcru8ZkRuzXx4qDUbr%2FdHQrWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b37ca668f5-FRA
expires
Wed, 12 May 2021 08:31:19 GMT
countries.json
www.gazetaexpress.com/data/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/data/countries.json
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505c2988510a5abdfe7f601e508792642bf8b20c61dcc4734c5efc807180a0dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 26 Oct 2020 22:31:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7GAUzUbORRDMOQGrXX8rY%2BODr5GRt%2FsL3Obqwf78%2FZqx1ZNHcNOS%2BQMH%2BU%2F6%2FV%2FgvtfqAufK9QdrRoMzFNn6KK8Jt8AxqdFwNB65y7hAg5EMJitNkWKVpeympvl94Nvm6oU6xtJ%2FpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
6b6d27b37ca968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Total.json
www.gazetaexpress.com/data/ 		57 B
599 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/data/Total.json
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b535be8fbd5f4e1530ac8ea77c5f69a614d1db1eff69e06fb6fedf05a3752d45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:00:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47K%2FXu3foXzvWEiPXuOV2hNCI%2B%2FMEDBpUrQjUdNxW8lhyyFYMZOgGFDJr2AlVTf6Bwgvfagb8dmmPQ8BdhE0QYOx4fVnb9uzk3fVWEfyC4%2BVuVy4TSq86E1LZ3CtqktG2LMrenfmgbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
6b6d27b37cae68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		603 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a0::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f252b9509e2ffeeea7ac8b6acacf2305281c0b29c15f01953cf705ec585656fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
3ZHS5Y2MK80G875G
content-length
134622
x-amz-id-2
XDO65J/2sykcVGwGjna2RhbCPX4kyRqG+6OqYpMRzSI3wtV8ne+HCE9JYfhiPNvcjlSJHha5n3w=
last-modified
Wed, 01 Dec 2021 14:15:44 GMT
etag
"bee4b121e7a9e0214c663e878b0ffc9c"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
0
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 01 Dec 2021 15:25:11 GMT
t7-live
video.gjirafa.com/embed/ Frame 26F4 		48 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b026854e828f89ed3c11ffe28d561704794e505a47c962b4f530edb2d4a24bb8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-frame-options
AllowAll
referrer-policy
no-referrer-when-downgrade
x-aspnet-version
4.0.30319
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozJ6oBU6ZYG4g2VWJrFG5F1pJG7LV53HgNJVrZN%2FRa3Ou426NbCWmpgqDl16f5QZG7kAeAh%2FuDY1j6iuyEM3RlR6W6W2KiNCVcQvPOnBrb4SV3wCElQQZ0qv%2BN3dz9SnvWEy"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b6d27b3a9395c02-FRA
content-encoding
br
/
www.gazetaexpress.com/
Redirect Chain
  • https://www.gazetaexpress.com/wp-content/themes/express6/assets/images/t7live.svg
  • https://www.gazetaexpress.com/
64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sXBknyLJr4dyf18x1Aaqb878q%2F2jf0CDq2z0QRrhmnnRgw4ZIOY8%2FBhKeYUN3sZKLVNQ0lYbHzdxm2nm64asE%2FZ2KHitSrIU%2BDg769v5Kqf2GD%2FoFSfX%2BNTMkDVWJ3synA1JIhqhoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-elasticpress-query
true
cf-ray
6b6d27b8180a68f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
public
date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6865358
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9OlPok8YJ0%2FctYjWllVuQceriBwTbo3CnsJGxFUHJ2YKGD3QzcmCCqlUoBu6TA2NxsrRsyo6e7f0kI%2BH3ndML3FVAyEL9qP4ThNlgK0239I8v42Kv9brYWy%2BtTxFC521L82NiNH5Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
http://www.gazetaexpress.com
cache-control
public, max-age=31536000
cf-ray
6b6d27b39cf368f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Raleway-Black.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Black.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64872
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULtOmr6us3yrWVsHPYgG8FtaK1flt59cNbQy8IhFttG6gPmM%2FLA1SKenZz%2BbRwBlPCBnwsMvcKNYcOlUbgxA0dcGgrWBZVEvKSf5TFkY1laMOE5gW5O75kZYCd22Bhc0XQQo4SCG6B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27b37ca768f5-FRA
expires
Wed, 12 May 2021 08:32:13 GMT
t7-live
video.gjirafa.com/embed/ Frame D8F9 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
deabe92c2bfa27590af91ef428bb343edd471dd326d30cfd1192b21fd7c24358
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-frame-options
AllowAll
referrer-policy
no-referrer-when-downgrade
x-aspnet-version
4.0.30319
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzJhjzcDJxurhoeXh9ARhXYF8BmywSLqLHCM%2FKfv6pCSY2t4CJtEGSn6x5ioIb1zo98KIeANn12AfiP6zwJ4YfadVRo89pp3KQoBAqA5hwnarX64HXtX9MNPC7Ib0D1PikGS"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b6d27b3a93c5c02-FRA
content-encoding
br
impl.20210208-11-RELEASE.js
cdn.taboola.com/libtrc/ 		461 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210208-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mediaworks/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
KnSm.W0xbjxKdbzJlmXotguv.ic.uOsY
content-encoding
br
etag
"a91756933e089626a1d0a3de71a9f830"
age
15003
x-cache
HIT
content-length
108763
x-amz-id-2
qnKhbZ/0mwNsSNHwLqJqFDx6fYzPMndR7RNgLjf5Nuvk1mdyg5SDkSMbjXWGcMztHyc++/5J3Ic=
x-served-by
cache-fra19148-FRA
last-modified
Mon, 08 Feb 2021 10:37:31 GMT
server
AmazonS3-br
x-timer
S1638370512.964573,VS0,VE0
date
Wed, 01 Dec 2021 14:55:11 GMT
vary
Accept-Encoding
x-amz-request-id
9NM99R3SGP4B69EX
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
198
260200548443713
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260200548443713?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e93f6c4bb198d4ff930a700439b6a1884ab303721cfd0032c9570f8f7edda82
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88851
x-xss-protection
0
pragma
public
x-fb-debug
1Lk2ojDla7+qLXofuO9ukeH77twW4vAskLpRFtBXG3gW47i75VHaIXM2itf6EEBVDRTRLOm5VzpNdZuVapxc7g==
x-frame-options
DENY
date
Wed, 01 Dec 2021 14:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
projectagora.min.js
aghtag.tech/libs/ 		366 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: agorahtag.tech
URL: https://agorahtag.tech/c/gazetaexpress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47ea38ab42540ac291495c4907c9a4fd0e57531988de7bcd6bbc6693c0f3ca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2731
cf-ray
6b6d27b40bb4698f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
109815
x-amz-id-2
HPiZQvV0vPQ74DzoDD3WXgqPbC5l3PcvIoLhWKyXjs5PbrWUjs+dPMXIwhrV3sx+EoCI8EcK8I0=
last-modified
Thu, 25 Nov 2021 10:08:23 GMT
server
cloudflare
etag
"26bdb5fc1647093e3d48060894cd987d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRfDf%2Fz9hf5ZO6ey8sNsQNfjxTG%2FfKDVjYgryCeiJXsMnMK%2F6csQxB%2FgyMeNExkBt%2BsoR1UdHPyhJ1mXsDtTzeuI%2FjXlwTvVlM1xo4cCPLOFC3wCRUZmfNypbXpU6AZ72dTNaVU1J1XGrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
XT3Z546PR5YWMB8E
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Gazeta%20Express%20-%20LAJMI%20I%20FUNDIT&time=1638370511981&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gazetaexpress.com%2F&random_number=13157028949&sess_cookie=3149070f17d767e0c6a7993bbda&sess_cookie_flag=1&user_cookie=3149070f17d767e0c6a7993bbda&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 04:15:02 GMT
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
38410
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
MlTz2EMr5ol50Ue4VigbH0-OJaAiHbYK8nwLgW93R17f7hFvwnI81A==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.66.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-66-213.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
server
Server
pubads_impl_2021111801.js
securepubads.g.doubleclick.net/gpt/ 		345 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
0f9c649592b9f0b610c746da1ed7a7fb0c95b828c427e807ffa656773d734e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118624
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 09:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Dec 2021 14:55:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		79 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2204916fad1cb67ee23c5c35a56252e9a012232d7806d189fed555a6cc2f76d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78
x-xss-protection
0
expires
Wed, 01 Dec 2021 14:55:12 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1201867944&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Gazeta%20Express%20-%20LAJMI%20I%20FUNDIT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=716038174&gjid=293534457&cid=1938265151.1638370512&tid=UA-6427330-1&_gid=1614476265.1638370512&_r=1&_slc=1&z=59015122
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1201867944&t=event&_s=2&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Gazeta%20Express%20-%20LAJMI%20I%20FUNDIT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABBAAAAC~&jid=&gjid=&cid=1938265151.1638370512&tid=UA-6427330-1&_gid=1614476265.1638370512&z=543949271
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 16:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2234787d5fb72ab38e21fd55ab13c4679a0552cdfcc0b0bfd0b02f8ec401ad68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99572
x-xss-protection
0
server
cafe
etag
4632444707752862328
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 14:55:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 27AC 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 01 Dec 2021 09:43:00 GMT
expires
Wed, 15 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
18732
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 01 Dec 2021 14:55:12 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 01 Dec 2021 14:55:12 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
bid
ap.lijit.com/rtb/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.16.0
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
fb97922fac144b8ebe35e4d15d9fc4579948e5d7884ca8a585f08fe996e95f9c

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Dec 2021 14:55:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
3078
openrtb
adx.adform.net/adx/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1638370512128&src=lmonebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
cdb
bidder.criteo.com/ 		18 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.16.0&cb=51891376178
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=2241730&size_id=55&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=lmonebid_lite_v5.16.0&x_source.tid=3434e5b0-8406-4ee2-aae0-a22f9a9587d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7175626421376886
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8a54adf7bdeebb255cfe7e9b7b1f340e2d46043dbadbfe864c47aa112b713750

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=2241730&size_id=15&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=lmonebid_lite_v5.16.0&x_source.tid=9b7c7128-3bc0-4abb-b9b9-de408c6fe50d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14800096607151048
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
62b646bb3b12254ac7c14fde9f5068a565b4b88f8b4b2b1fd0435d0bf3cf23c4

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c81a10e361d904188643b5082415e040aeac6b6965599086c7f0fd991088712d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Dec 2021 14:55:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
05973c14-d39d-4dc0-99d4-83b3563d9f53
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1638370512139&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ 		94 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.16.0
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
6fa255f7d2c7a37dcb8382905a4f287a7f11e5e9daacc01330fdcef9c58cfd64

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Dec 2021 14:55:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=55&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=82e1270e-f2b0-4b22-a4aa-69a053a15f2d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.34118985037746286
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
027605208c4467f024b851b765e294b984763d88c7f8d8d98c01572734d5f889

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=15&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=07813e16-a66f-4a93-b6f7-3cdff4a835a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5760873768415506
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6c4a9b00c46d0c2afa6b4b0a9f7815b6bb02d418840202804df2496442768d56

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ 		18 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.16.0&cb=31230543726
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Dec 2021 14:55:11 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
421376ffb69379358a4dc2bef2d1dd7f693f01bd3a6058008bddf616fbb0404a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Dec 2021 14:55:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c9c61eca-1c51-4537-a993-cd99b0d6b010
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6427330-1&cid=1938265151.1638370512&jid=716038174&gjid=293534457&_gid=1614476265.1638370512&_u=IGBACEAABAAAAC~&z=1410132703
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Dec 2021 14:55:12 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260200548443713&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1638370512214&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638370512212.1597701743&it=1638370511969&coo=false&exp=p1&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 01 Dec 2021 14:55:12 GMT
wigo-no-slot
sync.teads.tv/ Frame E916 		325 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.2.6
content-length
325
expires
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=a7fee086-d0f5-4ac9-85d4-79ee85e885ff&pageId=76285&pid=82609&debug_metadata=miiUOcGcJS&fv=923-pbr-4027&ts=1638370512277&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=a7fee086-d0f5-4ac9-85d4-79ee85e885ff&pageId=76285&pid=82609&fv=923-pbr-4027&ts=1638370512339&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
asyncspc.php
ads.gazetaexpress.com/www/delivery/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.gazetaexpress.com/www/delivery/asyncspc.php?zones=46%7C46%7C47%7C44%7C44&prefix=revive-0-&loc=https%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d924e864deb13f8dda4beef4f10deb0277bee345cd8c948a14b123607f418e77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU7wxIlbaNePJxnVO7oBnun%2BY%2FxvOOnsT%2FR7RP6DDkDJYNnk5O%2BMaVLGd4%2BOavIaEQjQ9DKT3DQ2%2Bn%2Ftv%2B0AT5JmWGPzx%2BH3sPE6muFMHF8HMYC4L48evGbmwIuXsV%2FR2CZkSyHp%2FGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b6d27b67bb268f5-FRA
expires
0
cookie.js
partner.googleadservices.com/gampad/ 		207 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.gazetaexpress.com&callback=_gfp_s_&client=ca-pub-4665846415960239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a6b28776fc81801179c74d5e3df5614e352ca77fe191bfa9d0efb49d0cf3964b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 70A2 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1638370512&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638370512065&bpp=3&bdt=382&idt=432&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7739102639055&frm=20&pv=2&ga_vid=1938265151.1638370512&ga_sid=1638370513&ga_hid=1201867944&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2799477278644123&pem=813&tmod=657395804&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=456
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 14:55:13 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=1938265151.1638370512&jid=716038174&_u=IGBACEAABAAAAC~&z=1314594838
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=1938265151.1638370512&jid=716038174&_u=IGBACEAABAAAAC~&z=1314594838
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zINAomReDy6V7f4JXz-iXwEgZ7CjuO6Flz73XfzM8FpmalxJuRL0sLYY7l4-m5cwxBj9UVB7Up96F_Lw-b2jb-4YyoHKnbGWKkRNPOxiQT_OVfkNhayANbC9alCG4OUacVVl2Yyq5iKqJ9Kwwh5bFxOwqWCxOGXA4Fc8sdYxmxmaIxOBjNIHwL_QCwCE10tXQteGV...
aj1431.online/ 		913 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zINAomReDy6V7f4JXz-iXwEgZ7CjuO6Flz73XfzM8FpmalxJuRL0sLYY7l4-m5cwxBj9UVB7Up96F_Lw-b2jb-4YyoHKnbGWKkRNPOxiQT_OVfkNhayANbC9alCG4OUacVVl2Yyq5iKqJ9Kwwh5bFxOwqWCxOGXA4Fc8sdYxmxmaIxOBjNIHwL_QCwCE10tXQteGVrzXTO2-_9uJltH4pha0nBQky2COM-ECsBVCicnti7yXfTIlWtMAVM5YBsctj530nuDY6jpKmuSZEMc73Yue11XL0EDP08gAUlmn41CeJuT1NEGgt-dCMb0kUzd5oRbu84-8Qx03leEeGFxQ5rEEGJCefJoFFM3Cq9X3wftKTeeG9rnKlPPKK9vRTlVgcfESCaHPGJ57H4Jt_WrYfYiwjuBi0jOJllOc0Scp1QP7EVfysuRbdmMQkpqXmXZFiTXQdOrGX55lC?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
41bc018624c91e000da37724fdd8c91097200174f0d5a121d994408a61348858

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
913
expires
0
zSARrAVQK3uwxWnuYm2apvghVjprizIGr7bqD-Uwz6ydZdTfyuKpOnhX0x-37KsuJYHEgZ3shtaR9lIRnhbBisuE3WqT46wsUN4J5DorA6ugKrgGsEIcWUt8y7LyfxyFJenZ81fH013OqNkUERMJjIVT5QiQL47cfL_5x4u-ySPLUMXDhpx4OKlqaBFgZaWHcQzDk...
aj1431.online/ 		891 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zSARrAVQK3uwxWnuYm2apvghVjprizIGr7bqD-Uwz6ydZdTfyuKpOnhX0x-37KsuJYHEgZ3shtaR9lIRnhbBisuE3WqT46wsUN4J5DorA6ugKrgGsEIcWUt8y7LyfxyFJenZ81fH013OqNkUERMJjIVT5QiQL47cfL_5x4u-ySPLUMXDhpx4OKlqaBFgZaWHcQzDk3ZoHpuqA8HhAWkG11l2g-Eas-T4gFABWN8t9zG78Z61UYhz-z7oBnP95fHOVI22zVjYiKX7XNWa2psZubZ4b0DEmJrgR0nxeaiVvIcMHGdt3n0qiNr_J3ow31e7oKeC2oneSRk1UR4O85Wy7swPbOGYsm2KT530ovVQNO8eUbioN7tRz5PicERTfQduGYWxXiC6WFDMhbkUnOaeu_Y2O-EsDdrMhYONZ2XLs9IzK93wJWemFZgDGLJleXR8JkX5LN7PAssAU?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
abef8835ae5c190fd468c7d0a7afbef1fd97df829dde06367d41d7d746ed730c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
891
expires
0
z5edvZEnFSl3lTxzwdqvA9qe8V7DGTmQackfXC-MAsf6D0plLgZ6p5jqP2scEYdLygj7IWOBa1s_XyPh7Q-iC01JRgVc-psc5R8RHKu3NJ3QhIJQYhS-QuRPvzkSA-0CRh-94Ezenih9I69huVi8XiF64H9Gy8F5OOtp-NWPNAQ9OhmmlhdJ46E3TLcQxQIim_7Px...
aj1431.online/ 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/z5edvZEnFSl3lTxzwdqvA9qe8V7DGTmQackfXC-MAsf6D0plLgZ6p5jqP2scEYdLygj7IWOBa1s_XyPh7Q-iC01JRgVc-psc5R8RHKu3NJ3QhIJQYhS-QuRPvzkSA-0CRh-94Ezenih9I69huVi8XiF64H9Gy8F5OOtp-NWPNAQ9OhmmlhdJ46E3TLcQxQIim_7PxoNe7bhRcVjlw0H1wyUbQQgHuhpy_F4uLIHvfdEw9s3EAkJgdZq1Xw1S0GXRWJNJW0VHnpOyF0uMI6lTUzn6joslLn43hFJxuqCP0wK8KyW-wohUqaUJPnF-h_Iq9S9_6NapO2Rqmn9ekehQri7g6HQRdd0HYx_JW-hMmVvciHSy1EPozh6RlrUhzVYhIixtgpEJkWSlUt4wGYIV-k7vvowcDxZLyExvTtDBKUz-2B6hAENTMWxRZpy2uQvyeTndINrCTtc5H?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
3d2671f1c3b5eb919c0954290cd019120c56e9f245b3f4cde48d45aad9c12719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
925
expires
0
zotp-adNfw-Gi0Ur4W_XKHIFumXSFZViOCLL9kE1Ai0BR1ndpuNgJ4T-PtCfrmAE9GABO2Q24YfqkhO657uFrOhGWhMIoxYkf-cC2arqb8eFhoEz5dV0CieAzZ9Cbn1JfOANM1mklNpmoi1vaDpMedChxwDpcrZyOLa0hhLW5bT1H5D9ot4PynJP1bR7JDazMv6Nb...
aj1431.online/ 		899 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zotp-adNfw-Gi0Ur4W_XKHIFumXSFZViOCLL9kE1Ai0BR1ndpuNgJ4T-PtCfrmAE9GABO2Q24YfqkhO657uFrOhGWhMIoxYkf-cC2arqb8eFhoEz5dV0CieAzZ9Cbn1JfOANM1mklNpmoi1vaDpMedChxwDpcrZyOLa0hhLW5bT1H5D9ot4PynJP1bR7JDazMv6NbOy9_GWc58azVS-rMEoO31bofYqMNOUZIxtB9pXIY3xj84v8peGAytABrYb62qaKaq5Jjnl25WeFWLuCFH8_ZCIsUggleaQ8jre2v2uQlRcI9aUTKzGSJkVBgI8mes43_cjKqt20e-uAgzgoTtGUsyWg305rGwAcEjgffB2vrFoa9ujp2TXYRhHADVTTsmX504L_EMLmeQQLnc-2Pa_5smel2MBwdw_Ovqnz7CFzWmYrYLtBdPyncf-fxLm4CO3UYYr7DtJxD?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
598e4bd352e0b5f6a646a0ab9f048b87c4a3bf9fe06e1e296985f0a644a7f3d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
899
expires
0
zsyIspivt30X6chETss8uGQmfCS1S1FUfxz2YFFCAyw9zVCcSOgGa_FN5UWVpXfzSImRH6fjsI3eN2fN2_k0Vq-lsHRlM93WBwahnqcr4QcrSLPghmDtNSBYLWSMVCG5Kz1sDiDfKiqLr-5sDwVaoY41Kjr4bNtqdVaHS3FwGC9ZINtp4akq0PWgRYjL_N1Etlmz5...
aj1431.online/ 		885 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zsyIspivt30X6chETss8uGQmfCS1S1FUfxz2YFFCAyw9zVCcSOgGa_FN5UWVpXfzSImRH6fjsI3eN2fN2_k0Vq-lsHRlM93WBwahnqcr4QcrSLPghmDtNSBYLWSMVCG5Kz1sDiDfKiqLr-5sDwVaoY41Kjr4bNtqdVaHS3FwGC9ZINtp4akq0PWgRYjL_N1Etlmz5JcYnQAAlOXPfhw58wdMBDf2-eNzud2ZIrmStlfuHmxcz9B8eT1Cqea0PyBH3uIAxj8bWkviVoHALMWnA4FGD_Non7_c46IE4F7I_dGBdc7C5BAa1Jt24nPeavjjCFa2WsmagqX7HSW58dERI3TGKrrHTUxTVojKRgaoKAR5mPjC6dMe3lapvnlf-hlxKvQlXq7jmiWNs2F5T1KKScJkxu11d_12fk0hEfyVgC4LChzHrgZSHEfJgGvPDV7nKDSNPZrHG6c8S?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
ef64590f45dc5bfb600d40b408461af93d3c734e056e1e73ce5d2ece417ceda8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
885
expires
0
zaX5sTijQkV-YtNQeQlNOopKvm5OA5rDHsIRcAB0ETMyh6KfaEh6y_XnrRikTg2KfQaoQF2pdUFSxQlXV1Vd4yG8Hi84eDp30Hbnyf4DnTboTyKQcp8Yjm_YJvAmN9CK19SucJK61xqzpOTOEZNOE4OcQ-BEStSje_Ict93Up6Y2bwskmbYuW5WpNFMNYWeMIdL0K...
aj1431.online/ 		874 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zaX5sTijQkV-YtNQeQlNOopKvm5OA5rDHsIRcAB0ETMyh6KfaEh6y_XnrRikTg2KfQaoQF2pdUFSxQlXV1Vd4yG8Hi84eDp30Hbnyf4DnTboTyKQcp8Yjm_YJvAmN9CK19SucJK61xqzpOTOEZNOE4OcQ-BEStSje_Ict93Up6Y2bwskmbYuW5WpNFMNYWeMIdL0Kk5lO7rz4PkentkcGX6Qm8gNpMAJwTsJbpaUIpmdMXS-BMXefgOy2cKYWaTFGp3h-VkYA-fk5ncf955Mv7aTZxGNcy01PLBWx_cGBxk0dmnf1WFGTnTgZ7apqf5AF7DW-VIF6GCFeF-yytKqaOsydLac3m9ieIyx9zpqOUOvGIz1pdpwqYr64fV_njWO1lepde49qgdPGcpaq8f2i-G-1QaUfqgk5zyCzubgOwXlC1XoXc6OEiTSrQRV9hYhqcU8w5JfhzUU?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
5e12f7e893ae948a0b21589484d2834a7ff8f770953c027e69cf49d8285d2588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
874
expires
0
zeR20FmnWB0QrzvJGy7BQEBBULb3ZODCYvWEUFd5jx3LNC2dR2McSKCboA4YJlemJfLXsTPkg7Ckiu4MqU-l6zQzrTx0fhMlxl8xHx-PHtLsZ_RAFzcnYOZRyptmqu73sLvbIyzfmMtfNoHpeuXG8TX7Zb2dkkRLIeo4S9IYPG8qTrGNURJ_BKXWQf8tyZz74SSSP...
aj1431.online/ 		879 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zeR20FmnWB0QrzvJGy7BQEBBULb3ZODCYvWEUFd5jx3LNC2dR2McSKCboA4YJlemJfLXsTPkg7Ckiu4MqU-l6zQzrTx0fhMlxl8xHx-PHtLsZ_RAFzcnYOZRyptmqu73sLvbIyzfmMtfNoHpeuXG8TX7Zb2dkkRLIeo4S9IYPG8qTrGNURJ_BKXWQf8tyZz74SSSPqxho_PE32Drjs3gTeLIs2DSBuno0VET1fYIHrXQFjD_WD2tYhTzE541xcs8_hV0dmPUQPfQlh9DouiTgPwwM1pRZOxBzWww3wrPcb_oIXY5F05VeLq-oqR_f0SiAd0f5ZyK4HwXqfM8rfROM-XmQvQwnSdQr6vIlNaMFrUHQ_QndBfIUCUm8K2sb-CrVKt8latpnSxhGohG3IYRS7fZ9ROLe9Nmcr9LwdFuYUIlPrCc4_LePZapBEiuI1ZH94SNJNOfPssAT?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
af8aa9b0685c41084076f7af2497cd622822d769453f1a97eb603bfc73846871

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
879
expires
0
zE8b-HZNQ5O9cJIGuLFZEtSNLyv_nHY7hHcp0S4f9QS4sFvmz9nLpyreLUoNoRXC5-bG_jfguelFjHPDKntg3opd2WkREcWQcgJW6KHmg3NH3K7oK_kEFlMsiigDlp5QDh7O9iIeKwtg5tsKT2sYuwwQEXDEp7AGKLDS2UblxJ25fnS7PFDJsLI1OTfaJiznHZoii...
aj1431.online/ 		879 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1431.online/zE8b-HZNQ5O9cJIGuLFZEtSNLyv_nHY7hHcp0S4f9QS4sFvmz9nLpyreLUoNoRXC5-bG_jfguelFjHPDKntg3opd2WkREcWQcgJW6KHmg3NH3K7oK_kEFlMsiigDlp5QDh7O9iIeKwtg5tsKT2sYuwwQEXDEp7AGKLDS2UblxJ25fnS7PFDJsLI1OTfaJiznHZoiibNzE8tkzFdYxF7WBGM0jwiHcpRV_DzN4i1xko-7rvWGIYBT8-ZN9wLhh6DbxADGWdshGv-f3fcaSnsA-2ZuAvoEPl7CUpxM2YnAzwN440yywQ0XKZAz7CAaGZYGxhcH5POnhg9tsENkA0MMCPV5UdZmclE-eJxBaENIs2o7lfjDWAPNFvJN3CqZFuQpimCzYjUNOCMV82OkFXuh5uOgKHe0aeI4jI0bAMf-BJUyRb81DbxZNkxYQI_etGHSJ9CYZNL_E5s9O?
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
456855e9088f1af0a50ad2bfe4d2b7804a1e1ab0883bba83d9879be6fd0ac949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:11 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
879
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1201867944&t=pageview&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Gazeta%20Express%20-%20LAJMI%20I%20FUNDIT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACEABBAAAAC~&jid=&gjid=&cid=1938265151.1638370512&tid=UA-6427330-1&_gid=1614476265.1638370512&z=1283997548
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 16:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2913 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.gazetaexpress.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Wed, 01 Dec 2021 14:55:12 GMT
pv
bisko.gjirafa.com/ 		68 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1638370512844&guid=e9d85186f4f04187be411775eb75f0381bf539d2b36d40b084a4e122db16ef36&sd=41deadfe40db4ab2a508aa32e692f18a&c=%5B%5D&tg=%5B%5D&tt=Gazeta%20Express%20-%20LAJMI%20I%20FUNDIT&u=https%3A%2F%2Fwww.gazetaexpress.com%2F&r=&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:12 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ2XrF3T0V3Cm1XLL0NmTjL4pmc5w8Yi815a91nE5sDPxhIdWnn7inOXECAiD6wIggkM82XszXEY8rKsPDMTTvn0KKtSAvDRl7gpb1WGuOqfntDqnheRWORX8gGMkUzp%2BZXx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27b95ff05c02-FRA
content-length
68
/
ads.projectagoraservices.com/ Frame ACC0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Wed, 01 Dec 2021 14:55:13 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame ACC0 		43 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=8&campaignid=3&zoneid=46&loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&cb=be1236f8f1
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpfRXYy95OJWSp8XkWy2zyMslJIWlMqnvUBZ49mN8IILJn5s0IH507QnBwk7Hci1FPYbr4s9UZk3Y35x6iGROVqpVMHCWuIbulR7SEkpnSDvMS7OcPKUy9ZpBAYEw6ncL9YSrONwplk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6b6d27ba3d5e68f5-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 1E15 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Wed, 01 Dec 2021 14:55:13 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame 1E15 		43 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=8&campaignid=3&zoneid=46&loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&cb=037a1c582a
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI3BmFidrbPVg3BTTyRFMEEYMHZtuEHH4Xjm5BiVwbERSkM7QVHXuWGEChdoE89Bf8ERI%2F9ArCAWblr2VVm1bPKptJFfvNm735kW1mExn1gAt1ygj8wrqjMZZEUTO72gHigVB%2B44JrE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6b6d27ba4d7568f5-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 1809 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Wed, 01 Dec 2021 14:55:13 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame 1809 		43 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=8&campaignid=3&zoneid=47&loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&cb=fd834ac738
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blqtQppwgBizpV%2B%2FhEx3fyz%2F9%2B7MTmpv%2FwXwkKC8m5WJrhNGQLtwyoU17CgVt%2BtbVvKA%2FRFdvXE0QoTBcfxnoTR%2B2dPLWPJODHfMOniaEE1aYpdDqZQ38QKp7e1acmRIHlk8DYVYs1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6b6d27ba4d8d68f5-FRA
expires
0
/
ads.projectagoraservices.com/ Frame B025 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5043
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
588f07403a678b388aade7b10429da2ddcaf4ca53e154dbf59a08b5761db6f29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1268
expires
Wed, 01 Dec 2021 14:55:13 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame B025 		43 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=7&campaignid=3&zoneid=44&loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&cb=fd7b5d0c5a
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1uIM%2BvjfR6pEbfCeVGh52Svlk%2F4s4N6T6X%2Bxh%2FMdsB6Qp84hXtUJfaEATWNBf7XaQZEXHw%2B3wkRMJvrSWa2STzGWamqXosmvTfTfncph4pKI7KyzQkiDzS47zoopg1v2pk5%2F7FsDl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6b6d27ba5da668f5-FRA
expires
0
/
ads.projectagoraservices.com/ Frame E187 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5043
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
588f07403a678b388aade7b10429da2ddcaf4ca53e154dbf59a08b5761db6f29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1268
expires
Wed, 01 Dec 2021 14:55:13 GMT
lg.php
ads.gazetaexpress.com/www/delivery/ Frame E187 		43 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.gazetaexpress.com/www/delivery/lg.php?bannerid=7&campaignid=3&zoneid=44&loc=https%3A%2F%2Fwww.gazetaexpress.com%2F&cb=4684dc55f1
Requested by
Host: ads.gazetaexpress.com
URL: https://ads.gazetaexpress.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1JPnqtrVvk3NPWlm%2BFkGdyBOvZM5ESbDVck0nXMeyGAHZnUEexqubKkJTpaaf1qYbeadYVUIrkm4QLxXV%2FSm7GgG4v%2FWw467fturyutGkb7Tjwv6YpbZqPBLqPQRnkBqiEZwsK%2BMsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
6b6d27ba6db468f5-FRA
expires
0
pica.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/ 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050e6dd363733a099c56fcabb21921ced40b237e7b165b2445d65e363027501b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rudm80IU4JtkXaJI9hOXXnYT9S8n0m9y003Fs9lbWlThPihiJMTxb87uSTIn18gTH1itcGHcC5Aqo3CBOvSeHW3R62i6G3S8d1vZYTHWKmpKJ5yqVaNHJzFKFHVuay9BlQpqR5RGMNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6b6d27ba6db768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
ads.projectagoraservices.com/ Frame 8F69 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Wed, 01 Dec 2021 14:55:13 GMT
z4v5tjuay8pRn0ELojOWq9G6rJvN37uYGKDoNo6gStYeaWwGMYsnvfDRfcwEpT0FF91xMiUzGuMZiWoMHZfpWLc26TsDi-5ybZwmWrxM0xGq8uN3qnw6gIwr6c-CuZMf_mBE5Uu_46e-yG8VWIiIKDgvA1_g22h969E8Jrab5Qu29spy791Z3Dpy5aJZKAokZvQ1i...
aj1431.online/ Frame 8F69 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z4v5tjuay8pRn0ELojOWq9G6rJvN37uYGKDoNo6gStYeaWwGMYsnvfDRfcwEpT0FF91xMiUzGuMZiWoMHZfpWLc26TsDi-5ybZwmWrxM0xGq8uN3qnw6gIwr6c-CuZMf_mBE5Uu_46e-yG8VWIiIKDgvA1_g22h969E8Jrab5Qu29spy791Z3Dpy5aJZKAokZvQ1iwcQ3Ty5cs6L4fHWYZKv0fMcrmoIzR2_zWcSenhzMokP5SXoSTudMmqlupD7CDXfFHtaN9lWgZaD3p3g8b8relnFDHzWZUiJeFgLwhP6ljT1-_TNdsa1YJLCnObIXZHOgOvJWhVlPds8i1y9LexqtiQAT_-xBz9DtA7OWHEmvXydp6T5X7F8l9Wj7vDSErzU0NA3Q6hm5XMKWHSZmAivqZ4tvrzaTRAWI?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
gazetaexpress.com.1000638.js
jsc.mgid.com/g/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.js
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ab3ea4f82d50e5b29ae75ec77bae66f932f91e965ccb48e63892d9a0666006

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
age
940
last-modified
Tue, 30 Nov 2021 12:41:59 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
2ZSH77Z0BWMCXQ6G
x-amz-id-2
E71nCDu8KIcoIbONs97hX+4V3pDFCu7YQN5f5sr5FrhBpzMO3XXuqO3myQwmxN1amhKdlD+WGGc=
cf-bgj
minify
server
cloudflare
etag
W/"cf17fe9e52ff28830a8744df84d43e85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6b6d27bab9332c0d-FRA
expires
Wed, 01 Dec 2021 17:55:13 GMT
zC7yvMj3Y4sHGe1yY92uzqNK1Wl5tJi4tH6nGUsNXmj-W8JxekkQmyAn9DiU55gASpVv6CP94iqOvaJ1xAkRrVvPtrGsXG22JyMU4NhMTHJ4ObxjDtAzbZCwSldP-sxh_XrNGyv6aSqNCIRWzYtw-m5hS4XfG7AHxYyejerMAVqo36PekuIZ-fLZXNlUmVbaaZamq...
aj1431.online/ 		43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zC7yvMj3Y4sHGe1yY92uzqNK1Wl5tJi4tH6nGUsNXmj-W8JxekkQmyAn9DiU55gASpVv6CP94iqOvaJ1xAkRrVvPtrGsXG22JyMU4NhMTHJ4ObxjDtAzbZCwSldP-sxh_XrNGyv6aSqNCIRWzYtw-m5hS4XfG7AHxYyejerMAVqo36PekuIZ-fLZXNlUmVbaaZamqcvQbIXPBynK1eyaTdB6VTrRCESxOMrDB4MaGTC1n6LRHeuijnuWDw3DV9N33t0X4h7VPmRPuX_nvFc15bEwzOzaQnSPR9ZTXNKKBPdE9dTbcVwim74FNO0aW67PebuN7ak8JmRb80wLXBkNQlf_h9uofjVtel2YXBsOd9DBO6LZuHAzM2gcKnofx-2cKvPirqzyQmGAG6cEz8FuX3Mv4m9rdEMfUkMgcC3I?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 7C57 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Wed, 01 Dec 2021 14:55:13 GMT
z9wDLI3VYAy7r85RVKdgrYt0quQ0oaze3jyNXWfoXLu_SPs144e_4JtBs1KEeZt6MHHlTaAlqVTKl0IYAPxkOWosdDRBk42ICKhmMaVYqHPumNfMWtIgXDnQmftT4lsVZ8gh6lp0uAydEJV_AJP1uE273c1HB09dfg1lVjB3PVgXzSQ5ygjUgVl8GJR1kPW56uqnV...
aj1431.online/ Frame 7C57 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z9wDLI3VYAy7r85RVKdgrYt0quQ0oaze3jyNXWfoXLu_SPs144e_4JtBs1KEeZt6MHHlTaAlqVTKl0IYAPxkOWosdDRBk42ICKhmMaVYqHPumNfMWtIgXDnQmftT4lsVZ8gh6lp0uAydEJV_AJP1uE273c1HB09dfg1lVjB3PVgXzSQ5ygjUgVl8GJR1kPW56uqnV35wz-WaP1Y_nYVSZlu0A_Fu-XDUIGeG6BmkISrAomU6wPhzPCXyrktQmaFDdj27KPO72CGXf3Ubfc4pPiCtSNHEJ2yXBqfphjiKqE3NebR93GpP_ciaFRvDI0SGTlT0viWAF9_ssckn_Mwm9IzIkEo6WungY_v5ZMijnwL5FEAJuLTtvI8Ct-aNzblG0TKpiFgLgx4jucKY2YcPIN7Gq6ckCtbl3yJVONw?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame D8F9 		13 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3108303dc4c635fdd0ab7d1cf121cf92084bf7eccabf08416f7f5a959f255b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 13:20:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 14:55:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 14:55:13 GMT
site
video.gjirafa.com/Content/ Frame D8F9 		345 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Content/site?v=iAxlA9ljy3d4x1BiRPo1Nu1g-R7IiC94jwHDAsHQn4Q1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3fd0ccd043012e60ca1bae33dc7b3a4e98e8777562453cef72b4c49d7b49b18a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=269ffjXls8P1SplzfyiA2%2BASVzA464lyuhNV7%2FSWjC8SY6n6H%2B6vE1grKjDjHAjDGH8NIS0k2DqKJx%2Bmivr%2B4Wu7OMLudDZ4MBkJ2UVDnwe214pBv6qic%2FiCl3FEF%2Bnmk4Ww"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27baab0e5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
style.css
video.gjirafa.com/Scripts/vpplayer/build/ Frame D8F9 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3d834a321bc0e57dc8ecae64d072e06d159a88607e6f04ec1848d2837739153d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4291
x-powered-by
ASP.NET
last-modified
Tue, 28 Sep 2021 12:18:46 GMT
server
cloudflare
etag
W/"0d718fc62b4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GNeRD%2B93VmG6mIgJjkAXmyyDruPWLwV0Ux5qE2Wm87IaFVhPtooi4%2FMISVsF6w838OwBH0vKFQYmoH5Ge5Qn%2FnHsQO4c%2BQJEaSYkgAWo16yk9cXX%2B%2BraqEn%2BBG2b%2FixlLJv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=50989
cf-ray
6b6d27baab0f5c02-FRA
cf-bgj
minify
dmp.js
gjstatic.blob.core.windows.net/fix/ Frame D8F9 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/dmp.js?v=20211201
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ed53ed357014f85bcee2323c5309a7484f76b17ee01525d5b3a72b44103ae8ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 01 Dec 2021 14:55:12 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Bnbb83I/bFVsahHj4ss2dQ==
ETag
0x8D8DC207C6823F4
Content-Type
application/javascript
x-ms-request-id
ddd08cb7-201e-0055-27c3-e63a32000000
x-ms-version
2009-09-19
Content-Length
7325
ap-gjanout.js
central.gjirafa.com/js/ Frame D8F9 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/js/ap-gjanout.js?v=2021120103
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1cd0a8928da3ec8d91a8f255c226edddb3a20eb6aab9c0a6a02071309b476d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2363
x-powered-by
ASP.NET
last-modified
Sat, 08 May 2021 13:14:54 GMT
server
cloudflare
etag
W/"1d7440c2282db6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbgMiL6MDqGApBNWDRD%2BhkunnTZ3H0CA6FTjuQW2J9ebUe2FXlu6%2FsVkv7O1qO9m%2Bjba6lNjpKrNutHl6GQS3jnhBNcM9Mgp%2FkUaSK5d7UJRWcJrgZaKefvi05eznszm3Jyfwbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=16495
cf-ray
6b6d27babb305c02-FRA
cf-bgj
minify
logo-white.svg
video.gjirafa.com/Content/gjvideo//img/icon/ Frame D8F9 		778 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.gjirafa.com/Content/gjvideo//img/icon/logo-white.svg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 12:18:46 GMT
server
cloudflare
age
4252
x-powered-by
ASP.NET
etag
W/"0d718fc62b4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWS6e9UfuYbyUeU5KCoVhDT2nIihoFyidArGCQH3JQRIObnDrd0Azn0CzJgE5P%2F2ZwuMJWUnyW6kcoImHHvazekYvLXECIj1yIIg4dDBicdItIV1eWqatPxmu62USC0jsgqB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6b6d27bbbdbe5c02-FRA
polyfill.min.js
cdn.polyfill.io/v3/ Frame D8F9 		101 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2681477
detected-user-agent
Chrome Mobile/96.0.4664
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Sun, 31 Oct 2021 03:09:09 GMT
date
Wed, 01 Dec 2021 14:55:13 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/96.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
signalr
video.gjirafa.com/bundles/ Frame D8F9 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0a9ca323fd958deb81838927501171b22514405a7194b65ba5481ece50f924e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY6oU2eY875ceXmZJxrth3z611CXHnsGIUbDCH4hSW%2FeI0Tek2pOd42LgvccJEDF25lBsBfs%2FZ63VQRcRHMDXQRG4kX13i1BmMcYdjqF1imJJgWvCyMZ2jSAp6ar1zrmbIIj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb7cf65c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
signalr-hubs.js
abdyli.gjirafa.com/api/storage/scripts/gjvideo/ Frame D8F9 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abdyli.gjirafa.com/api/storage/scripts/gjvideo/signalr-hubs.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.191.167.178 , Albania, ASN206262 (TELKOS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a72bede3e458cf0f0a418b051e1b6e8ebc245c75a7ac2561392ff05604db2ae7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-backend
gjcn1
age
17079
x-amz-meta-cb-modifiedtime
Thu, 17 Dec 2020 17:01:14 GMT
x-backend-age
162585
x-backend-f
void
content-length
8022
x-varnish
488206546 472265049
server
nginx/1.18.0 (Ubuntu)
x-backend-g
10s
etag
"af752ffe72576055e523a2dceb9c1fe1"
access-control-allow-methods
GET, OPTIONS, POST
x-amz-request-id
tx000000000000000440c51-0061a4cf00-230428-eu-west-1
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck3
x-rgw-object-type
Normal
x-backend-s
24h
accept-ranges
bytes
content-type
application/x-javascript
access-control-allow-headers
Range, Authorization
analytics
video.gjirafa.com/bundles/ Frame D8F9 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/analytics?v=9PZRP6wUWU4pIR1ayO-IfFa0G9UxkKunVgVG8_tluHo1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
95a999c46c2e0ff7478abb0b288a1037dafb926b877cdc9e2b65869899cd3755

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAEiPmic52uHjvPqe1feMZ8g4R3n3ovK5iVgLCu8lzK6BKePlCG0UBT2Pf6X7OH4otKK1eMwi1O%2BRN%2BBfpoUNdgyhwfhAiU869I1pF1imCTQ8UYCo4r1rgDJFQr3AoceYHpI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bbbdae5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
lib
video.gjirafa.com/bundles/ Frame D8F9 		228 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/lib?v=RYQcCYyrazlxFQJAZ0GNOxMgLCfmAtiPGUxKn1uoL5Y1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2198ad154f30e2a57578a4a0b23e359f8e4a3f1c3e20cab5b8938f77a0fa6268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wak89ydg2ijiMeAvmWGs6PQ7PrcFlTnc15EMyzSKvrIgsWRKU5FAYDdQM57GXoGdSMYN2tZ%2FUSM%2BRHi08ODeN4FmYsLIqzJV9%2FpNuuDHYqMLjof2q7VC4BcuNh6vgP%2Bidny"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bbbdb25c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
main
video.gjirafa.com/bundles/ Frame D8F9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/main?v=seYNLxYgxeYyKaXIChZc-QCK7R0sPerdPht8g4Lpx_o1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff78a6c60d0a125443167a6d8c77a05cde5a1f578574d99ab39fc7f3bc0ff5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfsNz6%2BnobPAM57G4q%2FyBMC1s4d3MGw2tfFI%2BfOmQ5bObGeKzzbPZJkIx%2Fmu48g%2BD27qogod%2FqBprDpt4iSI3kgK2rdIaLjwdeRkdCt0CDVIDNbN%2FxnQdvtJo7Iq37VZ9hhv"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bbbdb65c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D8F9 		374 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Wed, 01 Dec 2021 14:55:13 GMT
2
video.gjirafa.com/bundles/hls/v/0/13/ Frame D8F9 		225 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
88c985dc15ee32a2768667e9db261e22ef98df50334b5475725779c32eedffb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJHDcQcUAEKpm1tD8BHLXg2%2Fzt4FpTpMLI80JsweclhW9y880y1LdltAakkIpkanugPTr8yqyw8SNNXhNs%2Fsn8wHxC4bw0ZctCRuxXWhUotxQotGhYSKN6lNPopztcgVfy2j"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bbbdb85c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
video
video.gjirafa.com/bundles/ Frame D8F9 		281 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aca056c26e4f269ca1128e03be8f51dfa8d954fea61824c2a4b058c16305eaed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdKpTvry%2FDf8VrzGGRW%2FDDK5w2xV2N4CodYI82B1eoSFZttQAp30iBwJhZMHf7Y0wOZsLU7%2FzYXwZFDk9Tyn8EcSQHQa%2FX3POwIqh%2FDwMPmgdOnGSswfLuO42dmDiQX30W1G"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bbbdbc5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
live
video.gjirafa.com/bundles/ Frame D8F9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/live?v=ANAULLJDQWiAMKCh-OOFGbhfEIzK-NX9ek8nnR6TMPk1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3b87ef99a95aa391f13d79969e45c5f492992b8512ff7c1ce8d98c853f0439e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSA5vPvnILt%2B8aidI2d0ZLYJwpEgtnKhtSbYtVHyKTusMkoYTgO9SMUycBLeBj2yGumt6PsprYum3lZHCVmmS%2B864vStdKzrKtee3BMxJoUGcCd8RRVFdGovU4hip4%2BjzYkN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bbbdbd5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
css
fonts.googleapis.com/ Frame 26F4 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3108303dc4c635fdd0ab7d1cf121cf92084bf7eccabf08416f7f5a959f255b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 13:02:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 14:55:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 14:55:13 GMT
site
video.gjirafa.com/Content/ Frame 26F4 		345 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Content/site?v=iAxlA9ljy3d4x1BiRPo1Nu1g-R7IiC94jwHDAsHQn4Q1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3fd0ccd043012e60ca1bae33dc7b3a4e98e8777562453cef72b4c49d7b49b18a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIVX2Hf9DJCe6KJuctN%2BfeOsEpnQUK3jilkkrAPVCOnFVoSNKel2K0%2BjHSHYzMgMTToE8mt%2BJgSvR67L1H2CMFaaIasqmgIpLx19GIqGpIHl%2B58LyYzzBauNMX6Oyesjz0OC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27baab175c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
style.css
video.gjirafa.com/Scripts/vpplayer/build/ Frame 26F4 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3d834a321bc0e57dc8ecae64d072e06d159a88607e6f04ec1848d2837739153d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4291
x-powered-by
ASP.NET
last-modified
Tue, 28 Sep 2021 12:18:46 GMT
server
cloudflare
etag
W/"0d718fc62b4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziSjecBJoldAIdG%2FEuiebbZ9CPnNmduaWwCZR3dRp32YCyjFJm8PM%2BQz8jEhp%2BcJVFxkYX3r%2ByFblphMI4MoadWM3TTSr6Yfzn9jR%2Ft5A%2BZfe%2FyUf4oVGfQdyavMERO58M6D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=50989
cf-ray
6b6d27baab185c02-FRA
cf-bgj
minify
dmp.js
gjstatic.blob.core.windows.net/fix/ Frame 26F4 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/dmp.js?v=20211201
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ed53ed357014f85bcee2323c5309a7484f76b17ee01525d5b3a72b44103ae8ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 01 Dec 2021 14:55:12 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Bnbb83I/bFVsahHj4ss2dQ==
ETag
0x8D8DC207C6823F4
Content-Type
application/javascript
x-ms-request-id
ddd08cbf-201e-0055-2fc3-e63a32000000
x-ms-version
2009-09-19
Content-Length
7325
ap-gjanout.js
central.gjirafa.com/js/ Frame 26F4 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/js/ap-gjanout.js?v=2021120103
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1cd0a8928da3ec8d91a8f255c226edddb3a20eb6aab9c0a6a02071309b476d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2363
x-powered-by
ASP.NET
last-modified
Sat, 08 May 2021 13:14:54 GMT
server
cloudflare
etag
W/"1d7440c2282db6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYC9Ag4xeHiBOMJ17rRVZfjONucazO7Iag5norUufdNCF6B1hGhNiVGIAmAwa9xvio4OzahdbFY%2BtUAy3ZHDDGqQwa9Xch1sNUpAg0R6LzXFWJM3Ue4pzZwdY5bsz3BNC0PwXUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=16495
cf-ray
6b6d27babb2e5c02-FRA
cf-bgj
minify
logo-white.svg
video.gjirafa.com/Content/gjvideo//img/icon/ Frame 26F4 		778 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.gjirafa.com/Content/gjvideo//img/icon/logo-white.svg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 12:18:46 GMT
server
cloudflare
age
4252
x-powered-by
ASP.NET
etag
W/"0d718fc62b4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRD%2FQHe2IbX6mdrJvJBt61hAKvqCRrCXpt%2FXEO8kTWN6DOYJoBQTyIRO%2BHPa367eOR7X%2Bv8YiRuDamQ7CGmQeBD7bqv55XPZWg2go1tYUc2pa%2BOPoLGoMv40xcaH%2B1wddoSM"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6b6d27bb6ccd5c02-FRA
polyfill.min.js
cdn.polyfill.io/v3/ Frame 26F4 		101 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2681477
detected-user-agent
Chrome Mobile/96.0.4664
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Sun, 31 Oct 2021 03:09:09 GMT
date
Wed, 01 Dec 2021 14:55:13 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/96.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
signalr
video.gjirafa.com/bundles/ Frame 26F4 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0a9ca323fd958deb81838927501171b22514405a7194b65ba5481ece50f924e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX8a1D45b1ku3B1gdceozkf7fEVdPaUAdacPnMGvxY%2FUVU%2BGAU6zmasymtHb5JJ9Hm1EOX37fTsVOnMgk%2FkLFceABIa3LsodUIYYXa9uyFRRrlXKtIN3jYu%2BKkKL4PGJE4uf"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb4c8c5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
signalr-hubs.js
abdyli.gjirafa.com/api/storage/scripts/gjvideo/ Frame 26F4 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abdyli.gjirafa.com/api/storage/scripts/gjvideo/signalr-hubs.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.191.167.178 , Albania, ASN206262 (TELKOS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a72bede3e458cf0f0a418b051e1b6e8ebc245c75a7ac2561392ff05604db2ae7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-backend
gjcn1
age
17079
x-amz-meta-cb-modifiedtime
Thu, 17 Dec 2020 17:01:14 GMT
x-backend-age
162585
x-backend-f
void
content-length
8022
x-varnish
490744762 472265049
server
nginx/1.18.0 (Ubuntu)
x-backend-g
10s
etag
"af752ffe72576055e523a2dceb9c1fe1"
access-control-allow-methods
GET, OPTIONS, POST
x-amz-request-id
tx000000000000000440c51-0061a4cf00-230428-eu-west-1
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck3
x-rgw-object-type
Normal
x-backend-s
24h
accept-ranges
bytes
content-type
application/x-javascript
access-control-allow-headers
Range, Authorization
analytics
video.gjirafa.com/bundles/ Frame 26F4 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/analytics?v=9PZRP6wUWU4pIR1ayO-IfFa0G9UxkKunVgVG8_tluHo1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
95a999c46c2e0ff7478abb0b288a1037dafb926b877cdc9e2b65869899cd3755

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV4NSGVurYWuSLBz%2FJlnRYy9s5HYLyndz%2BTROlvcmYuDesMQaRhO9jvUDLgdSyb6lLH3qmWRAHA%2B6VsYe1FRzsHAlgrrfIPdbNxqzht5osdN6ndjIM5XXvbUb5uGE5j899ps"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb6cc25c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
lib
video.gjirafa.com/bundles/ Frame 26F4 		228 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/lib?v=RYQcCYyrazlxFQJAZ0GNOxMgLCfmAtiPGUxKn1uoL5Y1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2198ad154f30e2a57578a4a0b23e359f8e4a3f1c3e20cab5b8938f77a0fa6268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoyZ7ix6futuBXzNoPOO8Dy0zyhyUlXIvH1%2F9LWk9HtkX1yL04YIhFqs%2BwFX7frvO8zmSfFdYnr%2Fs6rILtVphmyGjwzIMiy3o9lSDMfpG%2B36zcmkjFMdOgTJoKjVhW1nfnQo"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb6cc55c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
main
video.gjirafa.com/bundles/ Frame 26F4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/main?v=seYNLxYgxeYyKaXIChZc-QCK7R0sPerdPht8g4Lpx_o1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff78a6c60d0a125443167a6d8c77a05cde5a1f578574d99ab39fc7f3bc0ff5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwY4JHuTUYE30AygZA43yQyJyyyoy6VXRDQk5JBMXwlrktKPDwnuHXK3oc4XRCrBHtFI5FXrnWPgxWVoJvAnWgtZtxc8e%2BeGjT6EfH7M95vUNp5gJPgVNPJPdOFFx0yxD%2FQ8"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb6cc75c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 26F4 		374 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126291
x-xss-protection
0
expires
Wed, 01 Dec 2021 14:55:13 GMT
2
video.gjirafa.com/bundles/hls/v/0/13/ Frame 26F4 		225 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
88c985dc15ee32a2768667e9db261e22ef98df50334b5475725779c32eedffb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUeIV2OkDSUAkN7X9jr5v1TimBAzhAmyJ8tehL2G6ritj3nWKpnkL7Gii98LswHWq48ivyXQHRqZrry%2FINb4INfXGPdR11SSGKFlLGWTlBAN%2B6yn2spwjU5LNrfov2WcInkQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb6cc85c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
video
video.gjirafa.com/bundles/ Frame 26F4 		281 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aca056c26e4f269ca1128e03be8f51dfa8d954fea61824c2a4b058c16305eaed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tc1FunZuBEmCwXs7xkV9OcKe8rMzfiloJrxuEfthnBd%2BZIyvXoq6U4c98wOfvLH0uMlEf4PC4UMUxVlcuelQ%2B%2FVVObWdaoyrQ%2FAykg58CVS5Gb7OEwZtFbDwGUSk7U5XCfOP"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb6cca5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
live
video.gjirafa.com/bundles/ Frame 26F4 		2 KB
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/live?v=ANAULLJDQWiAMKCh-OOFGbhfEIzK-NX9ek8nnR6TMPk1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3b87ef99a95aa391f13d79969e45c5f492992b8512ff7c1ce8d98c853f0439e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 14:55:13 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PkhlE4Q22mstdBFGG6ypB0MqjHdEf5XAKcG%2Bb%2FxJDjDOVoCTnfeSAim8EfABLKUT5b6RRNJDQSHJgvV976vE9D8WpAvl6SjzCT98Iq3rCTOFi%2B5sUWtIS1liYE5h4BJT6hj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6d27bb6ccb5c02-FRA
expires
Thu, 01 Dec 2022 14:55:13 GMT
/
ads.projectagoraservices.com/ Frame 3914 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Wed, 01 Dec 2021 14:55:13 GMT
zPvqwqu9pvb8WU8I1YX_DUbSx6HjTBbZMtjd8bhGMe05LAhzRouxucoI3QLy79QO93hxFaZuppYc-U2Aiuji8PDVSQZNOxXlhv40FSdzpeTqVop2AtuJAieOOli89icm_1mOKceyb8_ECByl6hBnroRpNipCfoHUSiAMh6Tydl6OrG6uBRFKhCcuHRBxtC9Fy54-1...
aj1431.online/ Frame 3914 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zPvqwqu9pvb8WU8I1YX_DUbSx6HjTBbZMtjd8bhGMe05LAhzRouxucoI3QLy79QO93hxFaZuppYc-U2Aiuji8PDVSQZNOxXlhv40FSdzpeTqVop2AtuJAieOOli89icm_1mOKceyb8_ECByl6hBnroRpNipCfoHUSiAMh6Tydl6OrG6uBRFKhCcuHRBxtC9Fy54-1cZjl4aDADc5dM5dKI4kHgd30XuHf3hKfkGVm-FujkN6alVpSpuZxhhRCVUX468_BMFIFR8I6y4x8dlsR-2KYPS8_6k3Cxk9gGPTvoMcI47kZrvvAzWNF9SOyu3VY_fvOry_t5PLm_WB4DIpW11dcHd-7_mMQYdPhzzVrFZPRSjq3A1oo_eBLPKRSgzZp6J8PpJXfzC09jOaE0CScgCekEUB159O8DnAa?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame C269 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Wed, 01 Dec 2021 14:55:13 GMT
z-HwW4N9buocefYoas3HygMPZV2UUYj9cyaoz0J75jlq8bqd0fQC9JGy4BWwsTnx6-77hJTA2goro-UvZMi6KHO8ceAgiz5eAL3rYvI8CZ4VKDXd1vWiWTsb2Smwdb1XQVeWYZAlUIz2ThkRS2F9ELpEa6_ZFONTPb3s0o2M63GLH921a2muuEiNXb0cGf_7GlzrK...
aj1431.online/ Frame C269 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/z-HwW4N9buocefYoas3HygMPZV2UUYj9cyaoz0J75jlq8bqd0fQC9JGy4BWwsTnx6-77hJTA2goro-UvZMi6KHO8ceAgiz5eAL3rYvI8CZ4VKDXd1vWiWTsb2Smwdb1XQVeWYZAlUIz2ThkRS2F9ELpEa6_ZFONTPb3s0o2M63GLH921a2muuEiNXb0cGf_7GlzrKgnpFVyhgKAbhA7GgYXPQEjGZD2gaZHBl7F8LLjOLiY-yp6fcUaOdIY-yFsdAEqq3ELnmNY_gRNcJKFnQYNW9srUKaBUdc97uUbTrw1kSunk2Ax_9LKki81G8VZCn1TtgV6nWvrCYqyTive2OyDv-lbK-4A93sR1qH35rRYZtE8QiUslHuZI1CPJV1PHjUts_Vqvz5akUp4i655WVcRHhe0UhsTIADpAA4w?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 0CB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1174
expires
Wed, 01 Dec 2021 14:55:13 GMT
zlczU91Xa9jikozOyn039j78pBsaikT_q3gBTQvkJROIdjQy2kZ_Up5hdcA-Z08fkpzLbAM_u_QMrZcK6RSj9RNXkE042X2ROIBF7W61r8LKUXT6u9bKWvu7OSKNDT8VLwnz5KT53ocCc3VFEJ2DNAW60FKfk8z-YYEHPo27Qe0EmwgiSih4vnl5AgHZRQ3h1F9M3...
aj1431.online/ Frame 0CB2 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zlczU91Xa9jikozOyn039j78pBsaikT_q3gBTQvkJROIdjQy2kZ_Up5hdcA-Z08fkpzLbAM_u_QMrZcK6RSj9RNXkE042X2ROIBF7W61r8LKUXT6u9bKWvu7OSKNDT8VLwnz5KT53ocCc3VFEJ2DNAW60FKfk8z-YYEHPo27Qe0EmwgiSih4vnl5AgHZRQ3h1F9M38b8uKANxrx08l38LGcrbby5-dz_DkGB3w5FZHP-Bph-aQcgONC6gRP3YS87kO_j-Q-LcYjtyx_jl2nApDFYC50uVBND9kcnX8PjOzCHh-YTRxeEKvDUyGgGYSqpvlxbAUlsLVfh0NuF-k92Ymv0uCVOSW_TLocBf6-rFFR2BMDjQ4ovX4f6zAvFedaK7QEYewguQrcPAQAIkMvS1nH_th4njRPA8kp-q?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 53FD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Wed, 01 Dec 2021 14:55:13 GMT
zAX0jUpxKt82198SlOmZkU-MH1zCFYjpL2dCFnpvbHvJ6efYa2Lo0NsTXCB3KEYnF_mZb974JZlRhiF_jImFuyiUZhZgO8zNxn10tq9mcYr579xY1DqZExiip5q0LCS-eSzec0Vq9s4ZwczRsRoWjoCSc-Vjq7EGoiUehDhxAGdwhgItJkgBIo8iBiAYomuuVRTvI...
aj1431.online/ Frame 53FD 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zAX0jUpxKt82198SlOmZkU-MH1zCFYjpL2dCFnpvbHvJ6efYa2Lo0NsTXCB3KEYnF_mZb974JZlRhiF_jImFuyiUZhZgO8zNxn10tq9mcYr579xY1DqZExiip5q0LCS-eSzec0Vq9s4ZwczRsRoWjoCSc-Vjq7EGoiUehDhxAGdwhgItJkgBIo8iBiAYomuuVRTvIaNNa4RLEzwQhN044yvtdXmWDIB4z0GhyoYH21njnLK1MjP7uL94shE4pj4nRR0DPyFDQr3SO-IA6Wizk_u_RVnKBZSg7AzjVIVbVrWuew7jQMQUBRvUqFbHa60pWL4hShjyGsYGnefSJAprW9PE6VdfUo-aKWO5MhyqW8eo0AhF4CnSh4O6V_Yf3yL84Y1tQ-qQgua98OKlCSGU0mXFqX4GwUeSW0TVn?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 1051 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=6750
Requested by
Host: aj1431.online
URL: https://aj1431.online/041528fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1418
expires
Wed, 01 Dec 2021 14:55:13 GMT
zGs5aclZCGeUYdWf7VybzhogQyi-59_9SGuPo5oglULidoIwx-Iit2nz0IgSiUISseIkuttev3F2YkhMY9o7CcIiY7ZazNRA6aZMhMjPWjdU5o50drjIkPMBzoF6Q99iYZyJoRDPN-_mHm8giE6GMl4kZjfGhh8iSHhcbMcVRXfGvgGMZAXvbIyQcpfAhHm0i44-v...
aj1431.online/ Frame 1051 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1431.online/zGs5aclZCGeUYdWf7VybzhogQyi-59_9SGuPo5oglULidoIwx-Iit2nz0IgSiUISseIkuttev3F2YkhMY9o7CcIiY7ZazNRA6aZMhMjPWjdU5o50drjIkPMBzoF6Q99iYZyJoRDPN-_mHm8giE6GMl4kZjfGhh8iSHhcbMcVRXfGvgGMZAXvbIyQcpfAhHm0i44-vGMfyDiEa6AdRrCiijZdXLVQscFAl2NVHifDCVDOoUK4yHlrPtyB4u3fSTV81hsbPMMW8W8Teil0MK8lFwSawofoe3ruc9g88n12e6PKiXS-IXp4CZIHOZqaxfDrtbdlFolSkkQO3gP-z8tEhAx9K88fV-hj38w8unguqsyNFqsHV1DVT0ceiX3HQyj88YMd4ZeBzm8bfEHDV7B4qhASjtQ13geyIdaud?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:12 GMT
last-modified
Mon, 22 Nov 2021 16:34:40 GMT
etag
W/"43-1637598880000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 1E15 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 1809 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 7C57 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame ACC0 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame C269 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 8F69 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 3914 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 0CB2 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4361
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 53FD 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame B025 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5043
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame E187 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5043
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 1051 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=6750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:43:28 GMT
server
UploadServer
etag
"ab106322a67600becd8aad86f9e06b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=EMIgqg==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdu4ItINN488YSsJ7CtRQHk8e66FvnBxvI2-I7vCLoB52G_-lCq6e0dnjuTcMta29MiCOgefvWpiT0W969HOuQ
content-length
6854
expires
Wed, 01 Dec 2021 19:55:13 GMT
gazetaexpress.com.1000638.es6.js
jsc.mgid.com/g/a/ 		250 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85f926ae2b48db2ef99fc41609d19b59d5b99dc197f6518eb8b848d37285b07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
age
940
last-modified
Tue, 30 Nov 2021 12:41:59 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T7215R4DSE92K2KJ
x-amz-id-2
JV7w10noNdUBxUzFU/Qls/UipembuSfyhAPx3HPeIySk3dse/uCjTRSLUgRGbMl2QIjoVEBxv+g=
cf-bgj
minify
server
cloudflare
etag
W/"0f10f6434a3d81e913ba3bda5fee1158"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6b6d27bb3f8a4e08-FRA
expires
Wed, 01 Dec 2021 17:55:13 GMT
mgWidget_1.11.65.js
cdn.mgid.com/js/wglibs/ 		359 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46480d7c4b292a057462dc9b7c854504a5807063e2788de35245b56b7385b4b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
age
1844
last-modified
Tue, 30 Nov 2021 12:20:18 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
YQSHFCFW62JSZGCK
x-amz-id-2
YvRDd7o4epooJgBLVwmQjXyWLeMdbfcYbE7Sk9M7BI1wYLZQrGRPPGwUMxDv7zdvdbgxX1i15gw=
cf-bgj
minify
server
cloudflare
etag
W/"908bfbb7928e4c9194c6855956b791fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6b6d27bb8a882c0d-FRA
expires
Thu, 02 Dec 2021 14:55:13 GMT
sdk.js
connect.facebook.net/en_US/ Frame 26F4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
755f89d0eea5f87d2ac27c8a74dc937cd86888faa4bc36d98d7dc8515a5575ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SkQkw9BtdxZ5JhIzoBKoKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 01 Dec 2021 15:14:33 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
0CS3KIc8TaqBtcv4OychGHXieaMJIGkVIIq1DstD+U1ftIsSzAsw5x2T0kWCxreISeH97P3B1AAMtNxgWJm52A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
5c52bf89fcf950ad6b33cb921b8fb8ad
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 14:55:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1fe37ab0c3422298497c8f5b26397225"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
central.gjirafa.com/ Frame CDC1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/
Requested by
Host: central.gjirafa.com
URL: https://central.gjirafa.com/js/ap-gjanout.js?v=2021120103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4095a1a9a7efe4181f300a025d74991db573c89c2700f2e5e616179716e90e73

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-type
text/html; charset=utf-8
cache-control
public,max-age=3600 private
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMDvWTIKxCtDLsRcv5VpTtEtPWTffIW6v1qgDuX0OA6XtEMv2drL39cnlC2PwAvbpO44caIqyuiSjd1GDQMgKeRxU5%2F1C3vCIGL0ugmKPvePy1OBL3nc9Sj5%2BTRZG1u95Rqtys8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b6d27bb7cf45c02-FRA
content-encoding
br
t7.jpg
abdyli.gjirafa.com/api/storage/gjvideo/images/channel/desktop/ Frame 26F4 		970 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abdyli.gjirafa.com/api/storage/gjvideo/images/channel/desktop/t7.jpg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.191.167.178 , Albania, ASN206262 (TELKOS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4cb1f6abb1e72d4adca63209b1f29cacc469a9f553ce535a5c9ccccb186fcb1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
x-backend
gjcn1
age
16757
x-backend-age
0
x-backend-f
void
content-length
970
x-varnish
490849464 481019711
server
nginx/1.18.0 (Ubuntu)
x-backend-g
10s
etag
"04a49ecaf9ce08cc37760ad665fd03a1"
vary
Accept
access-control-allow-methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000063e5ac-0061a74b5c-230428-eu-west-1
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck3
x-rgw-object-type
Normal
x-backend-s
12h
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
Range, Authorization
logo-white.svg
video.gjirafa.com/Content/gjvideo/img/icon/ Frame 26F4 		778 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.gjirafa.com/Content/gjvideo/img/icon/logo-white.svg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/Content/site?v=iAxlA9ljy3d4x1BiRPo1Nu1g-R7IiC94jwHDAsHQn4Q1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/Content/site?v=iAxlA9ljy3d4x1BiRPo1Nu1g-R7IiC94jwHDAsHQn4Q1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 12:18:46 GMT
server
cloudflare
age
4130
x-powered-by
ASP.NET
etag
W/"0d718fc62b4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWcPVbWb%2BIOECqNNl6mY%2BoiAmy%2FQOd7FZwrXsRXblVR4cnXbdfl%2FVLOtGy9ro9qwdA2YB125StZH692IggM8RIXHDe04tzi52FKqQrdiSjKq3q6hzCxIi%2FKA%2FQ68VGGlxMw0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6b6d27bb8d1a5c02-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 26F4 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://video.gjirafa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:57:38 GMT
x-content-type-options
nosniff
age
601055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 15:57:38 GMT
icomoon.ttf
video.gjirafa.com/fonts/playerIcons/ Frame 26F4 		9 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/fonts/playerIcons/icomoon.ttf?1pnmru
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
343483e966859b508cf4b8238578b7192357216f3a94ff3c823766aa4a7736f9

Request headers

Referer
https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Origin
https://video.gjirafa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 12:18:46 GMT
server
cloudflare
age
512
x-powered-by
ASP.NET
etag
W/"0d718fc62b4d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8HzdMyWe4m55NRkMJpyYIKhlfiF3%2FOzL13g9xiYg%2FtnOi9LEPfzvsrLX51KfBRpqRaKbOek1nwjM54RMsY%2B%2Brfqa625he8Ob3VFa15IFYL9gweV%2FQuylFMTzDbrktA4VLeU"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
cache-control
max-age=14400
cf-ray
6b6d27bb8d1f5c02-FRA
sdk.js
connect.facebook.net/en_US/ Frame D8F9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
755f89d0eea5f87d2ac27c8a74dc937cd86888faa4bc36d98d7dc8515a5575ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SkQkw9BtdxZ5JhIzoBKoKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 01 Dec 2021 15:14:33 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
0CS3KIc8TaqBtcv4OychGHXieaMJIGkVIIq1DstD+U1ftIsSzAsw5x2T0kWCxreISeH97P3B1AAMtNxgWJm52A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
5c52bf89fcf950ad6b33cb921b8fb8ad
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 14:55:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1fe37ab0c3422298497c8f5b26397225"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
central.gjirafa.com/ Frame 2AE4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/
Requested by
Host: central.gjirafa.com
URL: https://central.gjirafa.com/js/ap-gjanout.js?v=2021120103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4095a1a9a7efe4181f300a025d74991db573c89c2700f2e5e616179716e90e73

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-type
text/html; charset=utf-8
cache-control
public,max-age=3600 private
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jtOFgoCSGHC15PcrQNjUPQTFYAa0jLtHyJs0UoW%2BUZxEB0CxozSKPluUYaH5IUcFACPHtpTm3eOCOIefZiPffhEL8BZxk8rgIAnK%2FpTRRrRQYWvTPzSQAdk64vTmmDprJ8LgOU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b6d27bbbdbf5c02-FRA
content-encoding
br
polyfill.min.js
cdn.polyfill.io/v3/ Frame 26F4 		101 B
144 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2681477
detected-user-agent
Chrome Mobile/96.0.4664
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Sun, 31 Oct 2021 03:09:09 GMT
date
Wed, 01 Dec 2021 14:55:13 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/96.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 1E15 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
polyfill.min.js
cdn.polyfill.io/v3/ Frame D8F9 		101 B
144 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2681477
detected-user-agent
Chrome Mobile/96.0.4664
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Sun, 31 Oct 2021 03:09:09 GMT
date
Wed, 01 Dec 2021 14:55:13 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/96.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 1809 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame ACC0 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 7C57 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame C269 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 3914 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 0CB2 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 8F69 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 53FD 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame B025 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame E187 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 1051 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 13:47:14 GMT
server
UploadServer
etag
"1766ed9e832250268e13e963571b5fc5"
vary
Accept-Encoding
x-goog-hash
crc32c=WEArlA==
content-type
text/javascript
x-goog-storage-class
STANDARD
cache-control
private, max-age=18000
accept-ranges
bytes
x-guploader-uploadid
ADPycdvUaFNxf5_P7fcuJsqGvER_0xMlHoFLVhXCIU_k31HvJckc8sHKDF70HemO1Te1rX4OI6ZskdHVQ5mzEv6vVLk
expires
Wed, 01 Dec 2021 19:55:13 GMT
sdk.js
connect.facebook.net/en_US/ Frame 26F4 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c76433641c90a0d318965f5b9f675d3c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be9c57a84ecd522b1576dd1b29cc82837e2c0d7c389fcc541746b6202e527790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Origin
https://video.gjirafa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
btZuipXJLEMvc18hPTrdWQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 2022 11:35:24 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82873
x-fb-rlafr
0
x-fb-debug
/QxRMlYJbmZmWztU/pm06UPVlhy00M5W+oTZLW+pFhPLTYTEamnefWHOLQQ5RQp7RqeDPxC5RfOcsDT0Wt4ZiQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f1152796e7cead5ed64f3642e92d4e13
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 14:55:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5a3307dcc1ee0db8218b26f0aa0c4bb1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
wrapper.js
central.gjirafa.com/prebid/ Frame CDC1 		149 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/prebid/wrapper.js
Requested by
Host: central.gjirafa.com
URL: https://central.gjirafa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
abe22f93abc98bbb8f14be1b1c4057979f930c924dadf48e97dea45bf0e305de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://central.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
513
x-powered-by
ASP.NET
cf-bgj
minify
server
cloudflare
etag
W/"5VA7UdLxLqB4Szrqdl0zOD1hrkw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXBVqQCI7unqBfWxZyxmsBG3tXDv87PzHesngAJmD%2BXnQ8vfTTha%2B4GyPZKt%2BHUBoBvM4UKYrorAVQk9u9Tu0dqImOLzGOU1uJ8lavvrHwVHVsWfOTSfKlNY19g%2FhvaS3iTLlns%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-polished
origSize=152748
cf-ray
6b6d27bdaa7b5c02-FRA
sdk.js
connect.facebook.net/en_US/ Frame D8F9 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c76433641c90a0d318965f5b9f675d3c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be9c57a84ecd522b1576dd1b29cc82837e2c0d7c389fcc541746b6202e527790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Origin
https://video.gjirafa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
btZuipXJLEMvc18hPTrdWQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 2022 11:35:24 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82873
x-fb-rlafr
0
x-fb-debug
/QxRMlYJbmZmWztU/pm06UPVlhy00M5W+oTZLW+pFhPLTYTEamnefWHOLQQ5RQp7RqeDPxC5RfOcsDT0Wt4ZiQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f1152796e7cead5ed64f3642e92d4e13
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 14:55:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5a3307dcc1ee0db8218b26f0aa0c4bb1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
atrk.gif
certify.alexametrics.com/ Frame 26F4 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=357&frame_width=635&iframe=0&title=T7%20-%20gjirafaVideo&time=1638370513659&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.gazetaexpress.com%2F&host_url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&random_number=5206275612&sess_cookie=5d8cce3b17d767e12fb272f7b80&sess_cookie_flag=1&user_cookie=5d8cce3b17d767e12fb272f7b80&user_cookie_flag=1&dynamic=true&domain=gjirafa.com&account=FSv0l1aIF5y3zM&jsv=20130128&user_lang=en-US
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 04:15:02 GMT
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
38411
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
PmyiAlKh51dD3q_zCL_faDn6HCdpr-_T2pVhgDBEvsC_neXvjakJNQ==
analytics.js
www.google-analytics.com/ Frame 26F4 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6846
date
Wed, 01 Dec 2021 13:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 15:01:07 GMT
GetInfo
video.gjirafa.com/Video/ Frame 26F4 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetInfo?videoId=41202
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d0e4f70db323567f819f9a78af084b97bffed78c13113453262ee01765ea8352

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-html-minification-powered-by
WebMarkupMin
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRvlRsOu8w74ehtrNvpZe79eIy2aVMAcg%2Ff3Eo4QDPtXwFqcP1r5kZ11WspjS4ue%2BnKA9IsN2To19qIar2bwqgvTpyUU2v7Lu84tnGmHw6JqOSmwNoRG0iM2UHVljnLhf8zv"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-cache-status
DYNAMIC
cache-control
private
cf-ray
6b6d27becd4f5c02-FRA
atrk.gif
certify.alexametrics.com/ Frame D8F9 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 04:15:02 GMT
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
38411
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
roWrYWU5fMJ9Fkv2lFviAjZnbFIvYXO-SkKgTkFsQ9PpoDzlmpQOlA==
analytics.js
www.google-analytics.com/ Frame D8F9 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6846
date
Wed, 01 Dec 2021 13:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 15:01:07 GMT
GetInfo
video.gjirafa.com/Video/ Frame D8F9 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetInfo?videoId=41202
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d0e4f70db323567f819f9a78af084b97bffed78c13113453262ee01765ea8352

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-html-minification-powered-by
WebMarkupMin
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoXL4NqFabWIe2a1FHjqbl2eG7rRe5JMuhYOXs9We%2FQtMikdiRUVlxMhrz7guEN9EDpefT%2BnloA3SAOG1n2V5ydHa%2FHelOZfSiYekclfVgqPyS%2FqIcpnuTkc%2FAJ3zrjMx4cI"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-cache-status
DYNAMIC
cache-control
private
cf-ray
6b6d27bf2e455c02-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2799477278644123&correlator=1947426363175581&output=ldjh&impl=fifs&eid=31063845%2C31060889&vrg=2021111801&ptt=17&sc=1&sfv=1-0-38&ecs=20211201&iu_parts=74207979%2Cadxp_ge_sticky%2Cadxp_ge_in-article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C320x100%7C320x50%7C970x90%7C250x250%7C300x250%7C336x280%2C300x600%7C320x100%7C320x50%7C250x250%7C336x280%7C300x250&prev_scp=lmonebid_format_oftm%3Dbanner%26lmonebid_size_oftmed%3D970x90%26lmonebid_pb_oftmedia%3D0.11%26lmonebid_adid_oftmed%3D24ad42a55982c97%26lmonebid_format%3Dbanner%26lmonebid_size%3D970x90%26lmonebid_pb%3D0.11%26lmonebid_adid%3D24ad42a55982c97%7Chb_bidder_oftmedia%3Doftmedia%26lmonebid_format_sovr%3Dbanner%26lmonebid_size_sovrn%3D300x250%26lmonebid_pb_sovrn%3D0.03%26lmonebid_adid_sovrn%3D23af62e6980f596%26hb_bidder_sovrn%3Dsovrn%26lmonebid_format%3Dbanner%26lmonebid_size%3D300x250%26lmonebid_pb%3D0.03%26lmonebid_adid%3D23af62e6980f596%26hb_bidder%3Doftmedia%26hb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.01%26hb_adid_oftmedia%3D23aee127964c5b8%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D23aee127964c5b8&eri=1&cookie=ID%3De306d66859be8519-225274c21bcc002a%3AT%3D1638370512%3ART%3D1638370512%3AS%3DALNI_MZ3TvX2p3gQp6_aPa-BK0wXujTNsQ&bc=31&abxe=1&lmt=1638370513&dt=1638370513824&dlt=1638370511683&idt=789&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C-9&adys=1150%2C-9&adks=1438139209%2C1243139692&ucis=1%7C2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1%7C0x-1&msz=728x-1%7C0x-1&ga_vid=1938265151.1638370512&ga_sid=1638370513&ga_hid=1201867944&ga_fc=true&fws=516%2C2&ohw=1600%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
b63ae4e704abfda6c3799cec0767b2ad219b2a09640546dceda784fa8cdadb86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9396
x-xss-protection
0
google-lineitem-id
5846459701,5846459677
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373171121,138373171112
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A578 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 01 Dec 2021 14:55:13 GMT
expires
Thu, 01 Dec 2022 14:55:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wrapper.js
central.gjirafa.com/prebid/ Frame 2AE4 		149 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/prebid/wrapper.js
Requested by
Host: central.gjirafa.com
URL: https://central.gjirafa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
abe22f93abc98bbb8f14be1b1c4057979f930c924dadf48e97dea45bf0e305de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://central.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
513
x-powered-by
ASP.NET
cf-bgj
minify
server
cloudflare
etag
W/"5VA7UdLxLqB4Szrqdl0zOD1hrkw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8HdQqku2Dipt2peMHeREJ3Ek7D62d%2BHmsIOnIi%2FV%2FeD6KllvePWJN2kjeYaOrVplPqfYHNe0aLE%2FoMcYZIYAAOXBPP3P%2B3CmqCL6VWZZdC0IZ%2Fu7lSinUZ4EOC1rCaxH6PBunE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-polished
origSize=152748
cf-ray
6b6d27bf8f335c02-FRA
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame 777C 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Wed, 01 Dec 2021 03:09:00 GMT
expires
Thu, 01 Dec 2022 03:09:00 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 26F4 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Dec 2021 14:55:13 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 26F4 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 14:55:13 GMT
yzg0yt-retina.jpg
naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/ Frame 26F4 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt-retina.jpg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.249 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
75f5b51fa454f94ad8d73dca3108b1101d5c3c8fbe7b9f1d9d57d0c41273c3d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-backend
gjlenc03
age
3
x-backend-age
10
x-backend-f
void
content-length
27674
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
W/"61a78cbc-6c1f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
814306177 814576226
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck1
x-backend-s
10s
accept-ranges
bytes
content-type
text/plain
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 14:55:00 GMT
bridge3.490.0_en.html
imasdk.googleapis.com/js/core/ Frame 1E9A 		595 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
197951
date
Wed, 01 Dec 2021 03:09:00 GMT
expires
Thu, 01 Dec 2022 03:09:00 GMT
last-modified
Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D8F9 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Dec 2021 14:55:13 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D8F9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 14:55:14 GMT
outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 15:08:40 GMT
server
nginx
etag
"4885-5cc0a12ca1c8c-gzip"
vary
Accept-Encoding
x-cached-since
2021-11-23T11:30:05+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2617
expires
Wed, 23 Nov 2022 11:30:05 GMT
localstore.js
script.4dex.io/ Frame 1E15 		483 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5O28ksoEU5QjO%2BpTC06OS5%2B%2BwrbdTlDx1jwG%2BorPvnoaRte%2BHQJ7wur31iKr9fR6Yj9eh07Z2GY0UiEGjA3KK5GP9EY1uSJu2jeTIh9w97MVbUi72LpAlPXjtjV26raMgM%2B8RsBQu1%2BicZa"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c0ae636958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
cdb
bidder.criteo.com/ Frame 1E15 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=56899412826
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame 1E15 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTUzYzdjZjhmLTg0MTktNDc4My1iZGIxLWRkOWRkNzI2YWNjOQ%3D%3D&pt=gross&stid=41c49231-a025-4598-82d8-d1d4758dbdb7&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 1E15 		138 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
01301a7b19144724990d204ef63ecd758075fc41a9febb516b084f4a58570c3f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5d3afa95-e825-4cf5-8313-56cc75e39dea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 1E15 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ Frame 1E15 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%229782f90590aab4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210ec4f81d2b8899%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
48e3a8bfcc14f0afb2c63ac9023f5482b15429e33ad1d9942a0c70fdfc78285b

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1E15 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=53c7cf8f-8419-4783-bdb1-dd9dd726acc9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8855448608637735
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
72e20b62497c46979a96a26add7eafa968862f9b972cdec6fdf191205370c565

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 1E15 		73 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53c7cf8f-8419-4783-bdb1-dd9dd726acc9&nocache=1638370514004&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
faf829046ee4ee99e05b2592b3277e23c81c75f97b7c66a6092e2e6337fdcd38

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame 1E15 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 1E15 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
GetPlayerRelated
video.gjirafa.com/Video/ Frame D8F9 		661 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetPlayerRelated?videoId=41202
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1789a4e82ff2dd9d77415027df9504be5074cc919705cec10b5bd1cbd1c247e3

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nU7DfE7ADKRyznjkcfQ%2B7ZsPm%2Bi2ZOiTjHkOIeBcsTcstp4c5N5dcySRElrce8uQ%2FcQmCA6kj9PXPffmJLJPkpwuaUaFicJgsJI%2F1ZXmdY1Fyq1KjP62JCSDr4%2BujYCVCTwk"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
6b6d27c0b9f55c02-FRA
x-aspnet-version
4.0.30319
GetFloatingAds
video.gjirafa.com/Video/ Frame D8F9 		3 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetFloatingAds?videoEntityId=80988
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-html-minification-powered-by
WebMarkupMin
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5K1p1RT1QNRFoA57n929kjwKalO5dZ2HCUZUEAIhd32r2q0rdnN4cGgCtV%2BzcqFSqSSiDO8mMCxA%2BumOoPtjMd6ve4Lt9gnanCaYVVRJKKnq1X%2F0vDZ8SCAF3HQP%2Fee1Y9u"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-cache-status
DYNAMIC
cache-control
private
cf-ray
6b6d27c0b9f65c02-FRA
localstore.js
script.4dex.io/ Frame 1809 		483 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kllZ6jlbaSq0Kzu0kMBbEJ241VTuzt%2FgL82bb2NKvA9eSvMk99IWksWjWJuQYO%2FnpyZpA1ijxJheNdjfDBW%2BhoYWFrgfAYIigZm4ENzQew0TzoPSZZZasWnjosPn04IwBHdfMVfWZy1Iu48f"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c0dedd6958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
/
adx.adform.net/adx/ Frame 1809 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTVhOTJjNWQyLWJjYWMtNGViMy05YWY1LTY4MzBlODFhNWFmOQ%3D%3D&pt=gross&stid=613cc348-92a2-4836-9e2b-995e56ae0727&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame 1809 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=99960460007
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ Frame 1809 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
auction
tlx.3lift.com/header/ Frame 1809 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 1809 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5a92c5d2-bcac-4eb3-9af5-6830e81a5af9&nocache=1638370514059&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
c901540f95f5ce922d445f2d1c365abb8ddd12f0e977af891330688c157242bf

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1809 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c6fcbd8f5dc872b379ec7182b036a70ae74d0ca77fbfefe1d3deed31046f65ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c8267446-ec89-4e95-b41e-c0e423888f70
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 1809 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%2213cc88dac3941d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22145969ebe130f28%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
96b2b9529fd25b5ad34352fa2491b592c8fd004bc8dcd0c33b7e3561a4ed4dc8

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
translator
hbopenbid.pubmatic.com/ Frame 1809 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1809 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=5a92c5d2-bcac-4eb3-9af5-6830e81a5af9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.40225284763165337
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5b65166c7e918072c1381ef9f695cc1172310837081bc5307d46e89a86bdd79a

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
localstore.js
script.4dex.io/ Frame ACC0 		483 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTLZ1pnJ21pCpPh%2BqCu1TDe5MCnyInwnOnWDc99zlD%2FW19xqjKilpJ%2Ba9G5%2BYs%2Bw7fU7EFHOnvbbNYxfEiKACJVz8VZRi9nOkYuHh5orjODATS0OOaWPD3KkYPVhLajTsj9kTvKsgAD0cMjh"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c0ef016958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame ACC0 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2ab4af30-a7cc-4403-a90b-2a61563bd255&nocache=1638370514063&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
52b3bbb82a3cebf72656847e5b17cb77e6d21bf9982b7dea18870176e31d4801

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame ACC0 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame ACC0 		138 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
197fc2354f077a62158e750fbf6753fcf1b58b3a8ad3662db39aabd714897b05
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
08f673c0-9cfd-4715-a492-09bb7eeb6f06
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame ACC0 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame ACC0 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=91204912444
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame ACC0 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTJhYjRhZjMwLWE3Y2MtNDQwMy1hOTBiLTJhNjE1NjNiZDI1NQ%3D%3D&pt=gross&stid=e485c71e-199d-4aa9-8a29-4f9567d8c42a&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame ACC0 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=2ab4af30-a7cc-4403-a90b-2a61563bd255&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.12943462364518088
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
97fefd2b431320c047161e02b899f6da786ca09b1f50635e5675073d6ca3d908

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame ACC0 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%221524c5c210022e3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22166bfd31a6524cf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5352cd38b3e8e1d78be593c44bc5d90c35cb92febbbac9285971bed9f462bc15

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
translator
hbopenbid.pubmatic.com/ Frame ACC0 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
localstore.js
script.4dex.io/ Frame 7C57 		483 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jif869ZBzJzj2kwFGt7Ykx5DeZyF9Bz3hky1h%2BkwUNTlJBi8blvO4d6hmowbHnt1OqAJ5%2BvscOGP5Ucn97qOnt9KYmT4eanc1qsTdq1bQyfIMpoC9yPSpHORYKTEXeMSySvFtV3GPVtkUP7P"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c0ff326958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
/
adx.adform.net/adx/ Frame 7C57 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTQyN2ZkZDViLTQ0ZjYtNDRlZi04M2VjLTJlNmNjNzY4NGUyYg%3D%3D&pt=gross&stid=b9af7e60-9a49-405d-8643-1091b25f7011&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 7C57 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=81184839238
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7C57 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=427fdd5b-44f6-44ef-83ec-2e6cc7684e2b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9916225736769322
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fb3fdcd70f1c47932797ed2ebc40d360f1bcdc325e95f5041a684b0375f2bb98

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 7C57 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 7C57 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ Frame 7C57 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%221121780c2584bed%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221284a7360ac816f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
719251218a7baebabed9f5a47c4be39d5b591e76b66366f91240b99789a0e8fd

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7C57 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5fd1b5efb0cfa2df9a3ff7df0035d7bb53c0da9870b93a39e83915a41f091f9a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4ffe0c01-63ab-4bfd-ae53-4ae3d69c3cf3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 7C57 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
projectagora-d.openx.net/w/1.0/ Frame 7C57 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=427fdd5b-44f6-44ef-83ec-2e6cc7684e2b&nocache=1638370514079&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
98744d30b1ed16afacceaed7c24f4489b0f934ad739182590bf1c669d25acc78

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
localstore.js
script.4dex.io/ Frame C269 		483 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BMpSPuxzPRS8H7ApGjTEdfEtmqmmmTNqfuZO8xeR6h%2BZ2yGnkUYQSt%2Fbd07zZV18YINCALAVc723Sj%2BTUzx6Y1ZXjPGs1ojttTlFp1ixPBVMOClEa2iWeg8UAf%2BEq61gCAAhvQqIXS5DL5P"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c10f476958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C269 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
dac294989be7cda9d1e6fdab604fcbb3b19095e1962c4d1f74b93512226e0614
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
940f9228-86e9-4e6f-86f6-acae962eae77
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame C269 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame C269 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame C269 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTAxNDhkYTBlLTg5OWItNGM0MC04YTFhLTkwOWNhNjM4ODBiZQ%3D%3D&pt=gross&stid=160f7588-bdba-4903-bb9b-e6e9cd608713&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C269 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=0148da0e-899b-4c40-8a1a-909ca63880be&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4959803611454938
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2c13b6f4a736500a0de353891813c828b649c1a407264f25150ef48faf97c827

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame C269 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0148da0e-899b-4c40-8a1a-909ca63880be&nocache=1638370514087&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
115fbfd87eb879ac28a4f82d78bf71505dce96ae03f10a458982d081ef4d37f7

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ Frame C269 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ Frame C269 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=76588387050
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/ Frame C269 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%2217876b66d326c01%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22182ad9a0f441d0c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cfda0c296dc1e9dafc6a465d30f986224bb2354ac11d8e3860e3e12b5d44667

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
localstore.js
script.4dex.io/ Frame 3914 		483 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkCk0oNAjbx7h4IwFEVOsvsLGjoKKgdXE7Tx0LtMV3VFEYexuphGGFQsZDrJAiKUjrwjTVsyNeJLkgmVUSNr%2Fb83wYpxdW%2F4Zi%2FZ%2F5%2FSOturq9GRwddNwSphzWCGb4yNaBXsU2TEp6XLqCk9"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c12f926958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
translator
hbopenbid.pubmatic.com/ Frame 3914 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
projectagora-d.openx.net/w/1.0/ Frame 3914 		73 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=577e62b4-d4b5-49d2-a41e-30f5db2db1aa&nocache=1638370514109&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
10424aa5798c3676436c9f04923236e2272855fc7cac5eaa1a34c7781ed6a2ae

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 3914 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=64622384923
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 3914 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c3a992b7b26235e6c54e987b4f62f793fc2a422a494d8505b796383f70b65283
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b4ad7927-1a86-4788-a865-bb89f44cec18
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 3914 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%229c3462c259c9eb%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210376f8783c4836%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8137485b35baa28e7246f7a393da3985722dccd06c92d6e32601c9540f695322

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
auction
tlx.3lift.com/header/ Frame 3914 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
adx.adform.net/adx/ Frame 3914 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPTU3N2U2MmI0LWQ0YjUtNDlkMi1hNDFlLTMwZjVkYjJkYjFhYQ%3D%3D&pt=gross&stid=6f35b286-0833-44d5-b905-f545dba1d8c0&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 3914 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3914 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=577e62b4-d4b5-49d2-a41e-30f5db2db1aa&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5154620811167432
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7fa1cb6df3efa85f3b82cbe4f2021ac7af8812e1bfe9c11e9ea47d08018408a5

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
localstore.js
script.4dex.io/ Frame 0CB2 		483 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRM2PKUR1d5DM%2Bw%2FuSzPHJKS%2BSWfjRRcli78UacxnRL2XGgOCgQK3vsCFPkd%2F%2Bvz6eBeNeLUQrgVQpJ74%2BnU0ZapWT4mDvivsRRQjbOCocqhK%2BQsghMcpzEJHIA2BaJXiuWOUBldlCE21BVR"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c13fa06958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
v1
prg.smartadserver.com/prebid/ Frame 0CB2 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 0CB2 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=50776756601
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 0CB2 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0CB2 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=5eee4eb0-0ab0-4e5a-961c-cd582704e631&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9960897862753433
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5597f026de52013fae8954e9f9a8f615f7df9b53d11570413e3bfbda6df8817f

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 0CB2 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTVlZWU0ZWIwLTBhYjAtNGU1YS05NjFjLWNkNTgyNzA0ZTYzMQ%3D%3D&pt=gross&stid=a8e1e788-7a31-4ffd-8b2d-cb1d67657b6f&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
auction
tlx.3lift.com/header/ Frame 0CB2 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ Frame 0CB2 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621765&v=7.2&r=%7B%22id%22%3A%2213561d3980fec41%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22142d78e3d87aabd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621765%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4f4de3f8ef14baf9745385dca27d067be09c5ef16d059f9fceb513f09e22c9e

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 0CB2 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
295dbf897dbe7cb8470fa90dde9c1774223e783e83dae4f5c566bf6076f193c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e6b24645-bb6d-463c-a15a-786de1ba329d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 0CB2 		73 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5eee4eb0-0ab0-4e5a-961c-cd582704e631&nocache=1638370514117&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250&divIds=16588074_gazetaexpress.com_ros_300x250&auid=540924443
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e5bc14ce77af44bc8500e6fb482c2fc2e83ad065c503ec68c3d5fb4586495d06

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
localstore.js
script.4dex.io/ Frame 53FD 		483 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iL6ZwOVVDqhLSQlPitNNyjrZdUQ004hR9MdeCONtviXZNrak28mSXwuPtAsbc6t21%2ByRdnlKwMk2sVT52%2F61GbhyNrBKl3P2mxZ4wdtVi9zylfbZfhnENkOi%2B4lzqlETMJOjAkDCHOx32bBa"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c13fb36958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
cdb
bidder.criteo.com/ Frame 53FD 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=54304220274
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame 53FD 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPTE0NDZlZDJlLTE1MjUtNDk3OC1hZjlmLWI0MTY5MmYzZjQwOQ%3D%3D&pt=gross&stid=f8ba6657-c443-49d6-98f4-7d08f0bba952&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 53FD 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=1446ed2e-1525-4978-af9f-b41692f3f409&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2015794407564495
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fe67d22e3c1631ecaf1bc3d20adf040dbf7dd1388bb1018bf5e9484c0ed9a3ae

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 53FD 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 53FD 		139 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
13528976ff450715fdef019e19de2752b9bb60b59a7fc72cb3ed4a5325c42787
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
de800ca3-8ec9-4e41-be43-68fe3fc9d256
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame 53FD 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 53FD 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
projectagora-d.openx.net/w/1.0/ Frame 53FD 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1446ed2e-1525-4978-af9f-b41692f3f409&nocache=1638370514123&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
a704480bd2d436dcd5609f0624252f0204dc3147f5123a45c0c634bd25ed30bd

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 53FD 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%2217f1c5486d27443%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221850522e5741703%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e3336971f8807f870bd5d8c148ea241c0d0a35c30b2c91935aa70e9955ef0bc

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
localstore.js
script.4dex.io/ Frame 8F69 		483 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3KjgptYCOTlnSxj9XGdE1sMWa6w1g%2BP7Z9Jy9uFme9LrhEiCTs2zd29wpWBsufF9UJxCUzsqx%2FA37hAa1J80HNu54lKRiFV%2BHB72uYCmVeTp3ETngyK3JNJQOxpM7KhEH0Py7pBUm7OzUP9"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c14fc06958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
/
adx.adform.net/adx/ Frame 8F69 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPTEzZGE2ZTYwLWZjODMtNGQwMS1iMmQzLTg3MTk5NTIxYWJlYw%3D%3D&pt=gross&stid=cfb43ad5-2f90-4dc8-8b0a-4bb2161c761c&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
auction
tlx.3lift.com/header/ Frame 8F69 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 8F69 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=13da6e60-fc83-4d01-b2d3-87199521abec&nocache=1638370514126&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
39226ae5503ed5588a5d0be78214d58688159117450456d7d3a6ca60a2bceff1

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 8F69 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%227fd4d3d9553573%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22876af4fc1579c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
232a02aa669f534c686996e0950fc7f51ba98712478f82b73b7e09075556a7a9

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8F69 		139 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
49be3bee5a2c7cff75416b823ac8f85c56a03c464e366c9b0187a584c261d73c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6514375e-dd36-463b-9ccc-2fd2c2e290cc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8F69 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=13da6e60-fc83-4d01-b2d3-87199521abec&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.886908637839168
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
386086e9f63018331ee6a44d752185fa1d1bd8a91e6e94e83dcd12e921687537

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 8F69 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 8F69 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 8F69 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=25506135378
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
localstore.js
script.4dex.io/ Frame E187 		483 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGS1%2BitWqfxL8qKq6sD7cT0d%2Bf3iGkNpNUC15muPupg2Wg9A48FlnajU96rcO%2B6y3wMt1pvqxCissuPK8Dy%2BnYfCIrq7Xj4m44AXaU44tSpXQ%2B7Zr8U94W7KHCHL%2FaqYbtBm%2BkM1bvUqHxt5"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c158056958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E187 		0
0
auction
tlx.3lift.com/header/ Frame E187 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ Frame E187 		36 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621766&v=7.2&r=%7B%22id%22%3A%22546294914a9bbf%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226588404eb9d365%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621766%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226588404eb9d365%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621766%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d59bab2d41d9e595148506153fecef31f06271c6e2a00b86ed9d85454499de2e

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
cdb
bidder.criteo.com/ Frame E187 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=77833638636
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame E187 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
projectagora-d.openx.net/w/1.0/ Frame E187 		73 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=08d7cdab-287b-4e7d-a62b-87781c1ca1ff&nocache=1638370514143&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=970x250%2C728x90&divIds=17062380_gazetaexpress.com_ros_970x250&auid=540924442
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
8a264a765eac501f00fff915391b733d32ad4531626d87d8eda362fe6a940f8b

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E187 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=2&alt_size_ids=57&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=08d7cdab-287b-4e7d-a62b-87781c1ca1ff&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6702004085616236
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b974c09b492a72449d8b75be1180b398cd93745c1ad9b30391020e978fe2334c

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame E187 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPTA4ZDdjZGFiLTI4N2ItNGU3ZC1hNjJiLTg3NzgxYzFjYTFmZg%3D%3D&pt=gross&stid=422d713f-1cdc-427b-84e5-49cdc9760a77&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
localstore.js
script.4dex.io/ Frame B025 		483 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5y0R3esimfrrarJWsAdkkuPUwToOkpE93YHwHHUMsvBEVBCHgSfc2m%2BoenrQDaXYKE9iPGvo8T7twa%2FPmKaOtmJzwaJ991O52m8Aaeih2xHQRKUYxeaJMwDHateBwwqjNGe6a5KVzXDT%2B%2Fk"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c168396958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
auction
tlx.3lift.com/header/ Frame B025 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame B025 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e34896f9-5959-4934-bcec-ec6c9269e0e0&nocache=1638370514146&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=970x250%2C728x90&divIds=17062380_gazetaexpress.com_ros_970x250&auid=540924442
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
558587aecf42d586786beb44c29643e4140c153e47f39fc18e4567cfedfd9fb3

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame B025 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=79517812945
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame B025 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPWUzNDg5NmY5LTU5NTktNDkzNC1iY2VjLWVjNmM5MjY5ZTBlMA%3D%3D&pt=gross&stid=1a1870e0-46e3-4fb7-a801-5b78a8976dc6&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame B025 		139 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1f13001c4ee8adb04500381f64c143bd801ebeed186a2fb6defaa1a0b093322b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
68db5472-0079-43b3-a9aa-41fb11b134ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame B025 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B025 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=2&alt_size_ids=57&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=e34896f9-5959-4934-bcec-ec6c9269e0e0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6309158514146767
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d836dce6db2df61dce68f12dd294a6238320c2b84742889ceb57a29bfd551fa8

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame B025 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621766&v=7.2&r=%7B%22id%22%3A%2216fde9de22b8085%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2217a83e19b07d6b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621766%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2217a83e19b07d6b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621766%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e51f53af37137e4cc9fb4f2087ac3b2140e8d0c4b767c0549cb56e6b179ccec4

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
status
www.facebook.com/x/oauth/ Frame 26F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.gazetaexpress.com&client_id=339813706476261&input_token&origin=1&redirect_uri=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c76433641c90a0d318965f5b9f675d3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ihcU+Mh1tSUjY7yauxfYhoWiOKfmRTyvz45eitGg7sXKI/aFvuioio8ZL8ciSgFbP6iGz+TzuLdfMz9TIYEY2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Wed, 01 Dec 2021 14:55:14 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://video.gjirafa.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 26F4 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=339813706476261&ev=fb_page_view&dl=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&rl=https%3A%2F%2Fwww.gazetaexpress.com%2F&if=true&ts=1638370514151&sw=1600&sh=1200&at=
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 01 Dec 2021 14:55:14 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D6B1 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 01 Dec 2021 15:22:15 GMT
localstore.js
script.4dex.io/ Frame 1051 		483 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10
content-type
application/javascript
x-amz-request-id
tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2
tx20fcbba173164c66b29ed-0061961d50
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xkhgm2aNrbHa6enyDdlNBRTO9xGM8nxnkiVkn7VqgRk8CMPYf6MhxiekGJyw51Dqcu3EgCneMFsAQciSs6QSX1TeOKR1DnMqCemZ327M2PFMqECU%2BgO%2Byc%2BKNVt%2FDai1vUHqatfTQxG%2FDqce"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1637227780937425
cache-control
public, max-age=1800
cf-ray
6b6d27c1988b6958-FRA
expires
Wed, 01 Dec 2021 15:25:14 GMT
auction
tlx.3lift.com/header/ Frame 1051 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.35.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-35-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ Frame 1051 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=7936880856
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 1051 		137 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e8dec49e0a0fd84d550252696ce78d415d0f125aab158811f014bcfe35d90968
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
eaec3152-e30e-4021-b851-1227819deefd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 1051 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame 1051 		5 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc3NzA5MCZ0cmFuc2FjdGlvbklkPWE4Y2FkNjUyLTAxMmEtNGU2Ny05ZjAxLWY4NjczMjlmOTNiMA%3D%3D&pt=gross&stid=aba6df67-0cbf-4622-8957-099d7f1c9979&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame 1051 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a8cad652-012a-4e67-9f01-f867329f93b0&nocache=1638370514182&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=728x90&divIds=18287006_gazetaexpress.com_ros-1_728x90&auid=540990852
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
074f000c5bb8ac01662a0d0446c0c7922d9e1af13835b2d0a12f05e18ca11cf3

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1051 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1549192&size_id=2&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=a8cad652-012a-4e67-9f01-f867329f93b0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.32543395432895417
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6c71681b8be915eaf297869a53de1be808959a8093905658c8138095de1bdec8

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 1051 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Wed, 01 Dec 2021 14:55:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 1051 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=620409&v=7.2&r=%7B%22id%22%3A%22175eb3674016d43%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22189872818625386%22%2C%22ext%22%3A%7B%22siteID%22%3A%22620409%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b9b90440e5aa223943221afd7ebd53db88667128ed03ad9f0f01059b691bab4

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Wed, 01 Dec 2021 14:55:14 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 159D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 01 Dec 2021 15:22:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D4D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts_RagldmiUS7JCSeoqSQXEqs6wEtIOo4KTcaVhuSB1ECRzQYitevZDq62RjMmeuYkz3PFsNukTOObq1X30TIKdIKJbTBaDaEoKZ8f8K_1Sa7NNvDiW5Pg28HS12SPwmAbHrQx02r-5S-QQcLm9ohcTMD5mjgmg2z3xwYEg37tHAhma6qY4nfz2pno-LD9zSp7NRRvmRju9KuB7cW6dwNkwquNb6-6zUTEx4TZbNJ6Qjo_nVFNV0pjwgg2L1BF1LYjQcXjnnZ5GuUj3EKLacaOzO5LKFswCvjZXXW3oYc7VaElRDMO0uPTg6hWWlcU11X3UQ&sig=Cg0ArKJSzOpvIOM55RsWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
lmonebid3.js
lupon.media/one/ Frame D4D9 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lupon.media/one/lmonebid3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4a9d29ee63a41e51b16f3d6494959ab5c31bc2d29f9bc007f5a250ae80fcfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1594
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 23 Nov 2021 10:21:14 GMT
server
cloudflare
etag
W/"619cc09a-6866"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbSN9zxhfrIZMA7rYoVVo8dPahbwFGwDWiDfzKXtG6ndiBgu2SpiERtDFBWZ4ulys8RFEhCfCg%2FNLOpzNmVuKGT5YF8Vy%2B%2Bfl1xlTpl3kf57Oye%2Bkks1ZG5ecSqRxoa382uPgk9W8a8p6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*, *
cache-control
max-age=14400
access-control-allow-credentials
true, true
cf-ray
6b6d27c1eb29702e-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4D9 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111801.js?31063845
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 14:55:14 GMT
GetPlayerRelated
video.gjirafa.com/Video/ Frame 26F4 		661 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetPlayerRelated?videoId=41202
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1789a4e82ff2dd9d77415027df9504be5074cc919705cec10b5bd1cbd1c247e3

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs4DTHl3vmKpfql0uB5sfc%2B6eBz4%2BO4FE5zbw95EACKcrjOrFLNoiOYXDkG%2FPYZzHY%2BluK0w%2BpCvBbfK2jvzFyp%2BH4iHAbDn7ScHmseBRpGbG8oBk3h29%2BL3%2BV7WeSADoT0%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
6b6d27c1cc7d5c02-FRA
x-aspnet-version
4.0.30319
GetFloatingAds
video.gjirafa.com/Video/ Frame 26F4 		3 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetFloatingAds?videoEntityId=80988
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=1bIy7ULbXCEI6tV9m6tfE6K84kKQZ6jVw65QgpGiBgo1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-html-minification-powered-by
WebMarkupMin
date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq6tTeWYHeuMl8hBq7d9jiSQz9axMq2VdPBcE58TQLuwgr5ny9Yrx62t50C89V%2Ft6h7kA1R58U9ZsIfHdTfM86AyKkH%2BlxFRZy4AHSuOMTeGGo2%2BOlqQksU%2BfJnOhJdpHpY5"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-cache-status
DYNAMIC
cache-control
private
cf-ray
6b6d27c1cc835c02-FRA
status
www.facebook.com/x/oauth/ Frame D8F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.gazetaexpress.com&client_id=339813706476261&input_token&origin=1&redirect_uri=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c76433641c90a0d318965f5b9f675d3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
CqnCB52XM0+KLKWlzU1KRN++j5DAQRVG2DGgyDqpwubgK8qbqozry6tt9uDwqfvvF3KYfoxvFb/f6feTVFY9gg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Wed, 01 Dec 2021 14:55:14 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://video.gjirafa.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame D8F9 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=339813706476261&ev=fb_page_view&dl=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&rl=https%3A%2F%2Fwww.gazetaexpress.com%2F&if=true&ts=1638370514210&sw=1600&sh=1200&at=
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 01 Dec 2021 14:55:14 GMT
yzg0yt.m3u8
samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/ Frame 26F4 		455 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt.m3u8
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.250 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a2c5b13377612f75621e6a514d5d172d41a0c2ade18e157b8be89f2a1e81415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-backend
gjlenc03
age
1
x-backend-age
0
x-backend-f
silencer
content-length
186
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
W/"61a78ccf-1c7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
699631712 699730251
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck2
x-backend-s
1s
accept-ranges
bytes
content-type
application/x-mpegURL
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 14:55:13 GMT
yzg0yt.m3u8
naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/ Frame D8F9 		455 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt.m3u8
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.249 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a2c5b13377612f75621e6a514d5d172d41a0c2ade18e157b8be89f2a1e81415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-backend
gjlenc03
age
0
x-backend-age
0
x-backend-f
silencer
content-length
186
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
W/"61a78ccf-1c7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
815061749 814643134
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck1
x-backend-s
1s
accept-ranges
bytes
content-type
application/x-mpegURL
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 14:55:13 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame D8F9 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Wed, 01 Dec 2021 14:55:14 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame D8F9 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 12:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 02 Dec 2021 12:25:13 GMT
adagio.js
script.4dex.io/ Frame 1E15 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pnl3oFKk33TKIjntFbkk4CHzlcwelgJ5nvd3OxMpI72xLL%2F0fS7TmzKlIBXDM%2FvfjeihLJ9eA8AJnlPPeDdL3gEGPice2JdmtMwd1zqokfHyThnOrY4nIhiH8wOZYaEcVtTfsZnbqzAvUs5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c21bd54ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 1809 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqZ%2FzW6h1F8%2FuS42GMmZMsPPG8npz6%2FD7a7PHF9WuHHw5HGpG8VskFry%2BGgjh1z9CYZwmz9z%2BpdaFr%2FENF1AmJ9m4prZ3mFZ%2FYv05nU8T3L5E4vyOsdBiK6z1vUWMSPQsBtwkyYrWlEpv5yO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c21bde4ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame ACC0 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usb9T5DjKHn21gj82be1lChkZX7uZU8z7c81kIGwJDX2cBuLGyy74maE%2BzVM64iV0AjP9fUXUYkkfyjRPJPT4xHt2D8G%2BfuhGoesvifflQKt7oExQnlsHLgirHggvMkc323QJoX17w6ByyqB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c22be14ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 7C57 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi1L1DQ19AL0%2BcWLeTop0epsNINhe17WtjOuBqLXDbP36o8yOo5bigTmjLwzvy86498R3JkWxKrzw7SxX1tfKFYXigFPa3yHlR9WkcAuQgJ5cQjHT6VO9LZD%2FkTn5jAij29wdVh0g4q4ksKy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c21bdc4ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame C269 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCqcV3WkiKsDrlHZFsWqp9kb86g7azT33lNkQa0lzcQlZWir4a9L48kjMVtHiOxYEN58Po6EisUbF6wgWEKryayLK05ewOrgO2hQ9apaTlUqD%2FWKaMHcjrIAH%2BlThHfkud%2FYd%2BB2OYQ5cvrN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c22bf34ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 53FD 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeeMtBIHshb8T%2Fr80wyK8paYnkju0wgOmbC3z8ePcsS3K1%2BmTL1IuGhUJ9N65dz45j1tdeuUHgUso0bbb7tOR8b38aiQb2pkF2N7sW%2BmKRIOV9WOXxGMXgQWqmT2yWmlmlxWJlBXU4UbAesv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c25c394ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 3914 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqqwKCO6AfefGEQPkTsrCaRvPUZ%2FQ1LEjV%2FAUpE%2FuPftByiOFyBBt3gutE%2B9L3vycdG1f42IEeuCask1CdiIJw9290aLoeCx5DFFuzRVXYVnHj3a2lLgLkfT4BQcAQgbRgmrL5V42Rgihxj9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c25c3b4ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 8F69 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcxrvYyZuRiv7Akk5kJRdS5zJKAfFd%2BdxrNbrHntdnM1VHctgNdN844xbnxUv3q2%2B3ThVU%2BGiE8w5eQ%2BKVk0SbYNdVF0r5GfCryPm0rppq0Sl9DOpoWqtTCAGLPY7fcJd48MIut7EqiEvpyO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c25c434ab0-FRA
access-control-allow-headers
Authorization
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 26F4 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Wed, 01 Dec 2021 14:55:14 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame 26F4 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 12:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 02 Dec 2021 12:25:13 GMT
adagio.js
script.4dex.io/ Frame E187 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJXSC026a%2B%2FYVbv9ttjLRUaaZe4Sj4QTbDDlTmnbFELDlGtYnTKzQ%2B2UDGT7rUBa2t2%2F8%2B%2FmKerSj7I5Jad0keDiGhlBJFbMmbho%2BVbKuaqAlBvk%2Bq4PEzhW3DutLSCFkJRb1P0%2F2LVxsypR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c26c4b4ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame B025 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeYQ5MN9puj95qdlKvClq8sHVgYF9BbsIbyzUplcVnZZxJk1E%2FeVVqH82lzvaJM2JIyvUK4VDXrXKDvJ33kDm%2B4afAyUwIZdKA%2B%2FodW7JJVxNJxvqbOsFkv%2BS%2Fo2X4tW%2Br5EWTsRQ0xz6xrw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c26c4e4ab0-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 1051 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKW9oOHxbmmpSemxaY9zCumcHYOQyfXOoZMkY7ItJGyYjicAPDF9xPqnWmI24Q9TI0son0LLHlt6jClJBclGnPln90ZoQk0I9TxgTE7DxqMpoNvAlF9ZawIkFgT%2BsogMDJmoNuvD2oaH3zM2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c27c7e4ab0-FRA
access-control-allow-headers
Authorization
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 9429 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdgvMclQg%2BlrMH2Klii%2FX6cG3xjnGnnoIwj4cxnZ3qK2%2BhxYJjg1DYfyfiw1qnv3P82KnJwovPmHPHm%2BETBXiiBjXxi%2FDZbJnLsUy8MVjm04EWwBmWRGBGjSsEcapBSIuWzBWmgvkoAOTu44hViPrQuzAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b6d27c2af320614-FRA
/
projectagora-483829-hdb.adomik.com/ Frame 1E15 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDFjNDkyMzEtYTAyNS00NTk4LTgyZDgtZDFkNDc1OGRiZGI3IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=41c49231-a025-4598-82d8-d1d4758dbdb7&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 5EA1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFLFGQddLjniXuAUfkfPac7kUxpcpd9mxTV6lJxdn3%2FFvNv8ubyX8xkhX%2FXtk40cCLZEYsMz1VprzKgV5TOrVfZzg0y1wg73sA7%2BbRKEUyl0GewkoylNhkoXtja6rSAoD0eqmqz7ElC%2BNLmYY9yVcyABAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b6d27c2af340614-FRA
/
projectagora-483829-hdb.adomik.com/ Frame ACC0 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZTQ4NWM3MWUtMTk5ZC00YWE5LThhMjktNGY5NTY3ZDhjNDJhIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IlBVQk1BVElDIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=e485c71e-199d-4aa9-8a29-4f9567d8c42a&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame FE5E 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smMZvhHafRvrgaDJPNp0l%2BgtZ4psZKqoNd0mwMcCCDaTjKFCIZ2TVY0LdD3lWn8HmOLnaG72EDx7PWuiT9mO42LFS%2BG19kkt4k13zn4yr7i3VwUmWVUcl3ewkFce0Sn9SGpdH9G1aGENpV8gMd0KD8Ck3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b6d27c2af360614-FRA
/
projectagora-483829-hdb.adomik.com/ Frame 1809 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNjEzY2MzNDgtOTJhMi00ODM2LTllMmItOTk1ZTU2YWUwNzI3IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=613cc348-92a2-4836-9e2b-995e56ae0727&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
knsinarql37c
hal9000.redintelligence.net/zone/ Frame D4D9 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/knsinarql37c?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=1615193373940463859&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1615193373940463859%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8f4f968a83c859f3a7e8a180ce0c10413c2e59b51f5c67ac3784161692844c89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2801
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame D4D9
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWWpVeE0yRmpaVE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTUxOTMzNzM5NDA0NjM4NTkvNjYyMjQwNS80NTYyMzEyLzEzL1JyVG...
  • https://tags.mathtag.com/ck-confirm?bid_id=1615193373940463859&node_id=2633&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=1615193373940463859&node_id=2633&exch_id=13
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.209.5 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
MMBD/3.209.5
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x27, zrh-bidder-x147
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 01 Dec 2021 14:55:13 GMT

Redirect headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
x-mm-bid-request-time
1638370512
Last-Modified
Wed, 01 Dec 2021 14:55:12 GMT
Server
MMBD/3.209.5
x-mm-latency
22 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://tags.mathtag.com/ck-confirm?bid_id=1615193373940463859&node_id=2633&exch_id=13
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
cdg-router-x85, zrh-bidder-x147
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Keep-Alive
timeout=360
Content-Length
86
Expires
Wed, 01 Dec 2021 14:55:13 GMT
img
pixel.mathtag.com/event/ Frame D4D9 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=1615193373940463859&v3=651871&v4=4562312&v5=6622405&mt_nsync=1&no_attr=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Dec 2021 14:55:13 GMT
img
tags.mathtag.com/event/ Frame D4D9 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=1615193373940463859&st=4562312&time=[IMP_ATTR.time]&nodeid=2633
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.209.5 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
MMBD/3.209.5
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x38, zrh-bidder-x147
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 01 Dec 2021 14:55:13 GMT
analytics.js
s.update.ib.adnxs.com/2/225545/ Frame D4D9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ap=&sr=3153&pp=1457516&ti=7266049169965899231&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&md=1&dm=970x90&gt=DE&ac=${CPG_ID}&pc=15054187&cr=281686027&c1=ams1&c2=0&cb=339515141
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8ff40aa73ab1da514dbfdf7f1b451f2227787f1b3aa25e02eab1f8915d23ce38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2972
Expires
0
trk.js
cdn.adnxs.com/v/s/221/ Frame D4D9 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/221/trk.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Content-Encoding
gzip
Age
2523370
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29240
X-Served-By
cache-lga21971-LGA, cache-hhn4059-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 02 Nov 2021 09:57:21 GMT
Server
AkamaiNetStorage
X-Timer
S1638370514.357250,VS0,VE0
ETag
"f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 02 Nov 2022 09:59:04 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
300029, 4790102
it
ams1-ib.adnxs.com/ Frame D4D9 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.gazetaexpress.com%252F&e=wqT_3QK7Cug7BQAAAwDWAAUBCNCZno0GEN-724KRp4zrZBgAKjYJYVW9_E6Twz8RTd9Ps14Rvj8ZAAAAQOF61D8hTQ0SACkRJNAxAAAAwPUovD8w6-qWBzjRGEAdSAhQi-CohgFYq75uYABo6rKYAXiytQWAAQGKAQNVU0SSAQEG9JsBmAHKB6ABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsHWW-oCHmh0dHBzOi8vd3d3LmdhemV0YWV4cHJlc3MuY29tL4ADAIgDAZADAJgDF6ADAaoDpgYK3QVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdldXcFZlRTB5Um1wYVZFMTBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMekUyTVRVeE9UTXpOek01TkRBME5qTTROVGt2TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDFKeVZHNXJkMW90UkVGSmRGbHZkM3BSUTJWMVp6aDNSV0ZFYWpGWmFuTmZTRGxyUkRGRVVFUmFaM012TVM4eE15OHdMekF2T1RVMk9EQXpMekUxTXprM09UZzJPRE12TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TjbEAARSTgkQCE13ZAXkGGRNVkVGM1QhBBBFMUVRWAnkBRAFICBjdk1DOHdMekENCGb8AAxlbkpvBSiIVE15T1M4Mk5pODVPVGt2TXpJeUx6a3hMakU1T1M0eE1UZ3UFVExqQXdNQzh4TmpNNE16Y3dOVEV5TAFg8HV6Z3pPRE14TVRJdk1UTXZNekUxTXk4L2ViNTBaVTg3encxVmZkYkVZRHR4UmNnUFhKRSZub2RlaWQ9MjYzMyZncm91cD16cmgmYXVjdGlvbmlkPTE2MTUxOTMzNzM5NDA0NjM4NTkmc2hhcmRrZXk9MTYxNTE5Nh0A8HFwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzIuMjQmc2lkPTQ1NjIzMTImY2lkPTY2MjI0MDUmc3JjPWFwaSZ0eXBlPWJ1cmwmY2xpZW50PXMycxITMTZChACwGhM3MjY2MDQ5MTY5OTY1ODk5MjMxIgkyODE2ODYwMjcqBjEwMTkzNjoHNjYyAWPwsMADrALIAwDYA47CPuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA45MS4xOTkuMTE4LjE1NagEALIEDwgAEAEYygcgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASL4KiGAYgFAZgFAKAFrqn4luLu75M0wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGAAUl8FXwP9AG-asB2gYWChCLlj0f0ThCXYGMA0Ii44vfEAMYAeAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPCAAQABgAIAAwADi6BkAAyAeytQXSBw0JAAVbBAAAAR4I2gcGCSdE4AcA6gcCCADwB7rrA4oIAhAA&s=6d463cf0eb892f2ce629de1acbe2a77300d7d8ba
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5789ba65-3d29-4bb3-a69e-0db8a95e5828
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ Frame 0CB2 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1142650
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7c253f9f95d0465aaae36-0061961d52
x-amz-id-2
tx7c253f9f95d0465aaae36-0061961d52
last-modified
Thu, 18 Nov 2021 09:29:40 GMT
server
cloudflare
etag
W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuNmdYLdblYU7Qp3JzztKipKjAsaCgoM0ohjg9X6B7pKYiExflBk4NHRG96Ry4VKf8XF6khy2sKRN5%2FyI51T20heuCCt4C3JpH209kpXyoh81EQVha2GWUWT7Y%2FQmshq8b9zYkBnb9eGx3ed"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1637227779984125
cf-ray
6b6d27c29cc24ab0-FRA
access-control-allow-headers
Authorization
index.m3u8
naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/ Frame D8F9 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/index.m3u8
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.249 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f617c71aedf0d8fbd7c9bf7ec7d1e6dfdb8de0a3c7b2c52204abe51542bf740a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-backend
gjlenc03
age
0
x-backend-age
0
x-backend-f
silencer
content-length
2055
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
W/"61a78cce-388d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
815963604 815354961
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck1
x-backend-s
1s
accept-ranges
bytes
content-type
application/x-mpegURL
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 14:55:13 GMT
index.m3u8
samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/ Frame 26F4 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/index.m3u8
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.250 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f617c71aedf0d8fbd7c9bf7ec7d1e6dfdb8de0a3c7b2c52204abe51542bf740a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
x-backend
gjlenc03
age
0
x-backend-age
0
x-backend-f
silencer
content-length
2055
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
W/"61a78cce-388d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
699602733 698017713
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck2
x-backend-s
1s
accept-ranges
bytes
content-type
application/x-mpegURL
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 14:55:13 GMT
negotiate
analyticsvideo.gjirafa.com/signalr/ Frame 26F4 		391 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analyticsvideo.gjirafa.com/signalr/negotiate?clientProtocol=1.5&token=zxqyzk&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%2C%7B%22name%22%3A%22livehub%22%7D%2C%7B%22name%22%3A%22notificationhub%22%7D%2C%7B%22name%22%3A%22videohub%22%7D%5D&_=1638370513313
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.68.155.202 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3129903.ip-51-68-155.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b38427a7f38c3e0e7febe2583441fb418fcc9e314dcd9b199f2aec9b7c27dc03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://video.gjirafa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Expires
-1
negotiate
analyticsvideo.gjirafa.com/signalr/ Frame D8F9 		391 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analyticsvideo.gjirafa.com/signalr/negotiate?clientProtocol=1.5&token=zxqyzk&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%2C%7B%22name%22%3A%22livehub%22%7D%2C%7B%22name%22%3A%22notificationhub%22%7D%2C%7B%22name%22%3A%22videohub%22%7D%5D&_=1638370513446
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.68.155.202 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3129903.ip-51-68-155.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c6a2ace69366da428037e4ceb6a22ebbd2b336ab95607fff2b3fd3b24b52bcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:13 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://video.gjirafa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Expires
-1
request.php
hal900024.redintelligence.net/ Frame D4D9
Redirect Chain
  • https://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1615193373940463859%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=1993578590983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e9b368e35a2c538e7431e028e741fc490d0ef428c106bcca8105796ad69fd760

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
22986500127232700951443011795024
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
896
Expires
Wed, 01 Dec 2021 14:55:14 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1615193373940463859%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=1993578590983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 01 Dec 2021 14:55:14 +0100
1638370470174.ts
naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/ Frame D8F9 		234 KB
235 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/1638370470174.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.249 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bcbc48f32ae5849f3ce3b4966c4086d43862a694763758bee9838cf09b393540

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
x-backend
gjlenc03
age
37
x-backend-age
0
x-backend-f
void
content-length
239700
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
"61a78caa-3a854"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
814643154 814698278
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck1
x-backend-s
20m
accept-ranges
bytes
content-type
video/MP2T
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 17:04:36 GMT
1638370470174.ts
samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/ Frame 26F4 		234 KB
235 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/1638370470174.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.250 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bcbc48f32ae5849f3ce3b4966c4086d43862a694763758bee9838cf09b393540

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
x-backend
gjlenc03
age
38
x-backend-age
0
x-backend-f
void
content-length
239700
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
"61a78caa-3a854"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
699697098 698054014
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck2
x-backend-s
20m
accept-ranges
bytes
content-type
video/MP2T
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 17:04:36 GMT
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 1FE4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0jSeQMlW%2FZ7xTbR5fgyWgd%2Fnd9A%2BTM2mYl7QP8CfmMeqjeWSX%2FHmmDhWWGRZULlfnJC3UXQhxWXj8aVI1FhPyMwaD5c3vmMzCuIbKKAGvf%2BVJyfI9fPxGfolt3h7DbeXQ1AZy21SssUA1b0e2H5I5FUIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b6d27c40fc4694f-FRA
/
projectagora-483829-hdb.adomik.com/ Frame 7C57 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYjlhZjdlNjAtOWE0OS00MDVkLTg2NDMtMTA5MWIyNWY3MDExIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJPUEVOWCJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=b9af7e60-9a49-405d-8643-1091b25f7011&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame EA57 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKJPVTfwiRp%2F5jxJrpf024%2BJQwfBCNmOzrAQfsdn06mLvtU%2F%2FmIOvi4C6WR9yBmwcelaP7tAz4cGAL8EwDi7b3DAdPcpho2EryQqMQ6LDVPv4cQP5thKi2Zj4AdjpvRFupP18%2FQ9zWpEBKxnaIHCdi5vWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b6d27c40fc8694f-FRA
/
projectagora-483829-hdb.adomik.com/ Frame 0CB2 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYThlMWU3ODgtN2EzMS00ZmZkLThiMmQtY2IxZDY3NjU3YjZmIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiT1BFTlgifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=a8e1e788-7a31-4ffd-8b2d-cb1d67657b6f&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
de5e17ef-370b-4243-8b68-28d860e31ec3
https://video.gjirafa.com/ Frame D8F9 		59 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://video.gjirafa.com/de5e17ef-370b-4243-8b68-28d860e31ec3
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78678f40fc2508fd8c3cebb8195511a2bfe3890081067906907de8efe414321e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
60789
Content-Type
text/javascript
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 4FDD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSceDgFzupeVpbkxTs9kOK4jD4jJ7psldhFyLwi4A6QmCuSvMhi%2BxSa1%2B4w4BsP07cBkewxvOMBSc7lxdcSsNleG%2BVVKllj2%2FxkDdOI7MAor1zDnmNdEWt6I5tjiZcTlkRuEVVMcjF9LnrTt%2FQgqzrR3Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b6d27c40fc9694f-FRA
/
projectagora-483829-hdb.adomik.com/ Frame C269 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMTYwZjc1ODgtYmRiYS00OTAzLWJiOWItZTZlOWNkNjA4NzEzIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IklYIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=160f7588-bdba-4903-bb9b-e6e9cd608713&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
de958ba6-52b2-41d8-9bfa-fb325f3d41f4
https://video.gjirafa.com/ Frame 26F4 		59 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://video.gjirafa.com/de958ba6-52b2-41d8-9bfa-fb325f3d41f4
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78678f40fc2508fd8c3cebb8195511a2bfe3890081067906907de8efe414321e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
60789
Content-Type
text/javascript
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 2F42 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c004d880457a10d49e8c46ecb5327414e521fb9420aac2e365de794db65f7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
v3ghqPwufjEnGaMCdHrSVw2aawsACcmV
content-encoding
gzip
etag
"401bf340ff52ee77fa70bcb490e6ab45"
age
16173
x-cache
HIT
content-length
20086
x-amz-id-2
kl/31UGj+hfBkDn65WTFBQP+fesXkt5i2zs+DrQGDU0ok4NJ346j6AL00NTMn9WLpNBKg955PKQ=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:25:35 GMT
server
AmazonS3
x-timer
S1638370515.565239,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
ZQT764N823TDGF1G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
413
/
projectagora-483829-hdb.adomik.com/ Frame 3914 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNmYzNWIyODYtMDgzMy00NGQ1LWI5MDUtZjU0NWRiYTFkOGMwIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJSVUJJQ09OIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=6f35b286-0833-44d5-b905-f545dba1d8c0&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
impl.20211201-8-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2F42 		613 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9a7fb6a1406befc7f0b158e21bc25bc519b169b39e9d4eaeaf168f64df0d2dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bAGu20XHDxvdpOowF5d0HiY.kzRjF22
content-encoding
br
etag
"e81cac59ad224345e3c221835cbfeb0c"
age
18006
x-cache
HIT
content-length
128551
x-amz-id-2
7BCxnqQZv61uLvFN9je+Et2fL4m7tCVyb/kuXRwucjOJ4LHZrm1b1KhQZzCStgyUPDxwUYa6PQg=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 09:54:27 GMT
server
AmazonS3-br
x-timer
S1638370515.578158,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
CEBGNQY8VPZPVCKV
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
74978
PageView
bisko.gjirafa.com/tr/ Frame 26F4 		68 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/PageView?guid=dba1e85b6bdb4026bf088df430635f9933c47b95cfc54056bb452dd34e724515&sd=05833779fa3c445585259a979c4ec6a6&t=1638370514682&v=6.2&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&c[0].name=T7&c[0].e[0].k=live&c[0].e[0].v=true&c[0].e[1].k=showSeries&c[0].e[1].v=no-series&c[0].e[2].k=showName&c[0].e[2].v=T7&c[0].e[3].k=hostName&c[0].e[3].v=T7&c[0].category=Lajme%2CArg%C3%ABtim%2CPolitik%C3%AB%2CTema%20Sociale%2CDiskutime&c[0].id=41202&c[0].type=video&c[0].e[4].k=loggedin&c[0].e[4].v=false&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmWh2C%2BtVg7kzRhhmMEeTeMjGzdPu%2BICbPfX1CtaSobVLNfK4pkNZTYZJo6kNHAo8VE4bqniEJWkFFY4mA5pk7tSfzErgb4VukM3GTOAaAI4Cljkq1ESNgy6%2FXZ0vf%2FJKAnk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27c4cb995c02-FRA
content-length
68
activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657
5994599.fls.doubleclick.net/ Frame 3D8B
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657?
391 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657?
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
cbba81be3051e8991f30564494f6efc94f3ed2b60c626aa8308c5f816fd76234
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 01 Dec 2021 14:55:14 GMT
expires
Wed, 01 Dec 2021 14:55:14 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 01 Dec 2021 14:55:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900024.redintelligence.net/ Frame 298E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=bbe612e03c&subid=&uid=a0852fee61ced36b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1615193373940463859%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.gazetaexpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.gazetaexpress.com&random=1993578590983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
dee827bbb3290203bb7455c6f48f5ed2da6649e49cec650eb85b45debdb0866d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 01 Dec 2021 14:55:14 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1503
Connection
close
Content-Type
text/html; charset=utf-8
rd_log
ams1-ib.adnxs.com/ Frame D4D9 		0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&e=wqT_3QK2Eei2CAAAAwDWAAUBCNCZno0GEN-724KRp4zrZBgAKjYJYVW9_E6Twz8RTd9Ps14Rvj8ZAAAAQOF61D8hTQ0SACkRJNAxAAAAwPUovD8w6-qWBzjRGEAdSAhQi-CohgFYq75uYABo6rKYAXiytQWAAQGKAQNVU0SSAQEG8HGYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALnQ-ACwdZb6gIeaHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20v8gKwAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SkQFodHQFQTBwaXhlbC5tYXRodGFnBT3IY2xpY2svaW1nP210X2FpZD0xNjE1MTkzMzczOTQwNDYzODU5Jm10X2lkPTY2MjI0MDUmASlgZGlkPTIxNjUzNiZtdF9zaWQ9NDU2MjMxMgEPBGV4AUgAMwELGGluYXBwPTABC8Bvcz0mcmVkaXJlY3Q98gIZChRbQklEX0FUVFIuZ2Rwcl9mbGFnXRIBMPICHgoUW0FECRswYWR2ZXJ0aXNlcl0SBglzEPICFwoTOj0ALHN0cl0SAPICHQoSWxE7MGNyZWF0aXZlXRIHNjYFvBDyAigKERk6IGJpZF9pZF0SE0r1AAjyAhouZQCAZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXkYAiIIKChJbTk9USUZJQ0FUSU9OX1VSSV0S6wk8aW1nIHNyYz1oLd4MdGFnczKcARRub3RpZnklnQF_GD1hcG4mc18VC9BpZD01YVc5NXEyakx6SXpMeUF2V1dwVmVFMHlSbXBhVkUxMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAAVREQCSDwvEx6RTJNVFV4T1RNek56TTVOREEwTmpNNE5Ua3ZOall5TWpRd05TODBOVFl5TXpFeUx6RXpMMUp5Vkc1cmQxb3RSRUZKZEZsdmQzcFJRMlYxWjNnMmRWRjNUbEJUZW1NMWVGTXdMVmhKTVdSd1pHY3ZNUzh4TXk4d0x6QXZPVFUyT0RBekx6RTFNemszT1RnMk9ETXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFURXUDE13ZDAB5AhkTVYRIABFBRA69AAMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZNVE15T1M4Mk5pODVPVGt2TXpJeUx6a3hMakU1T1M0eE1UZ3VNAVQYakF3TUM4eCE8GE16Y3dOVEUhLCwyTXpnek9ETXhNVEkBTPBDdk16RTFNeTgvRDJaWXhMWDBBbVZ4LWhfZkVrcElQVEVET2dFJm5vZGVpZD0yNjMzJmdyb3VwPXpyaCZhdWN0aW9uaWRSsQMcc2hhcmRrZXlWHQB9rgRjaXnY8JVicD1hX2JmY2pkZCZuZnlfYWN0PUxENXdldyZiZmlwPTE4NS4yOS4xMzIuMjQmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz4BQ2UqAHQFLjRsZWZ0Oi0xMHB4O3RvcA0KSCBwb3NpdGlvbjphYnNvbHV0ZSdlWgQnaG1bAHBC-AQQZXZlbnRlW4ndGDEzNjg4NzWBqZHdLDc2NCZ2MT0xMyZ2MlJJASx2Mz02NTE4NzEmdjS1AAh2NT2NbQFMRG5zeW5jPTEmbm9fYXR0cj0xJy0lACc2DAEELz5S6AAAORHnAQmC5gAAdD5BBBnlAHQhrihtbUltcFRyYWNrJpVFAGKhq0rzBQRzdBXSJHRpbWU9W0lNUF-lrAEPBF0mXZZy0wDwpC9kaXY-gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDjsI-4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjkxLjE5OS4xMTguMTU1qAQAsgQPCAAQARjKByBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIvgqIYBiAUBmAUAoAWuqfiW4u7vkzTABQDJBQAAAAAAAPA_0gUJCQAAAAUPcNgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGBSLQAPA_0Ab5qwHaBhYKEIuWPR_ROEJdgYwDQiLji98QAxgB4AYB8gYCCACABwGIBwCgBwGqBwZJIgi6Bw8BUkwYACAAMAA4ugZAAMgHsrUF0gcNCQlbIAAAEAAYANoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=af02affa709a02d77c467c854c15ebafdf5aa074&bdref=https%3A%2F%2Fwww.gazetaexpress.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.gazetaexpress.com%2F,https%3A%2F%2Fwww.gazetaexpress.com%2F&
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1f7e4cb0-da0b-44e2-bac5-f766e6af4a2d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 0AE6 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c004d880457a10d49e8c46ecb5327414e521fb9420aac2e365de794db65f7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
v3ghqPwufjEnGaMCdHrSVw2aawsACcmV
content-encoding
gzip
etag
"401bf340ff52ee77fa70bcb490e6ab45"
age
16173
x-cache
HIT
content-length
20086
x-amz-id-2
kl/31UGj+hfBkDn65WTFBQP+fesXkt5i2zs+DrQGDU0ok4NJ346j6AL00NTMn9WLpNBKg955PKQ=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:25:35 GMT
server
AmazonS3
x-timer
S1638370515.716908,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
ZQT764N823TDGF1G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
414
/
projectagora-483829-hdb.adomik.com/ Frame 53FD 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiZjhiYTY2NTctYzQ0My00OWQ2LTk4ZjQtN2QwOGYwYmJhOTUyIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJJWCJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=f8ba6657-c443-49d6-98f4-7d08f0bba952&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame EB2D 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c004d880457a10d49e8c46ecb5327414e521fb9420aac2e365de794db65f7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
v3ghqPwufjEnGaMCdHrSVw2aawsACcmV
content-encoding
gzip
etag
"401bf340ff52ee77fa70bcb490e6ab45"
age
16173
x-cache
HIT
content-length
20086
x-amz-id-2
kl/31UGj+hfBkDn65WTFBQP+fesXkt5i2zs+DrQGDU0ok4NJ346j6AL00NTMn9WLpNBKg955PKQ=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:25:35 GMT
server
AmazonS3
x-timer
S1638370515.718882,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
ZQT764N823TDGF1G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
415
/
projectagora-483829-hdb.adomik.com/ Frame 8F69 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiY2ZiNDNhZDUtMmY5MC00ZGM4LThiMGEtNGJiMjE2MWM3NjFjIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiVFJJUExFTElGVCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IkNSSVRFTyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=cfb43ad5-2f90-4dc8-8b0a-4bb2161c761c&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
impl.20211201-8-RELEASE.js
cdn.taboola.com/libtrc/ Frame 0AE6 		613 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9a7fb6a1406befc7f0b158e21bc25bc519b169b39e9d4eaeaf168f64df0d2dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bAGu20XHDxvdpOowF5d0HiY.kzRjF22
content-encoding
br
etag
"e81cac59ad224345e3c221835cbfeb0c"
age
18006
x-cache
HIT
content-length
128551
x-amz-id-2
7BCxnqQZv61uLvFN9je+Et2fL4m7tCVyb/kuXRwucjOJ4LHZrm1b1KhQZzCStgyUPDxwUYa6PQg=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 09:54:27 GMT
server
AmazonS3-br
x-timer
S1638370515.733333,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
CEBGNQY8VPZPVCKV
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
74979
impl.20211201-8-RELEASE.js
cdn.taboola.com/libtrc/ Frame EB2D 		613 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9a7fb6a1406befc7f0b158e21bc25bc519b169b39e9d4eaeaf168f64df0d2dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bAGu20XHDxvdpOowF5d0HiY.kzRjF22
content-encoding
br
etag
"e81cac59ad224345e3c221835cbfeb0c"
age
18006
x-cache
HIT
content-length
128551
x-amz-id-2
7BCxnqQZv61uLvFN9je+Et2fL4m7tCVyb/kuXRwucjOJ4LHZrm1b1KhQZzCStgyUPDxwUYa6PQg=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 09:54:27 GMT
server
AmazonS3-br
x-timer
S1638370515.735508,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
CEBGNQY8VPZPVCKV
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
74980
view
securepubads.g.doubleclick.net/pcs/ Frame D4D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6rlFyxq4f1F5Kk2LHELleJe6ps2HpJVOTH_sSI-95qLDVZ9wHr38IyBKpPnsFn6J6Xw45GS3g0SVNW9YiV2PGtGkDiUTAdywiwpAgzM63RFXgqJSI02Q3xRuMabVu4lsAFv0SKTswvPpkDO8R_sj8jnQg5cRcAsyKhAD3gXqMfcQR_Xs8WLJXqOr_UiJTMcyoMgU8ytblG57iMVH2AdUvjRHgiURksGb2Zry1m9gKeQQToKioaTis0eB8UoXzV-Et5vqORg07wU5t7iLzS6EW9aoMCk9aZNsOwBp_stKFkGqIpRCWA7zZHIWcJ2M2CRjFTxXw&sig=Cg0ArKJSzLJgYL8_2udjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 01 Dec 2021 14:55:14 GMT
truncated
/ Frame D4D9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bb4ff6c73238620610fe37d029c220b69dcd992f4079b867dcaa133121b8b94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?oz_pl=1&c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&_x=1
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ap=&sr=3153&pp=1457516&ti=7266049169965899231&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&md=1&dm=970x90&gt=DE&ac=${CPG_ID}&pc=15054187&cr=281686027&c1=ams1&c2=0&cb=339515141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:14 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.ib.adnxs.com/2/2.40.1/ Frame D4D9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/main.js
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ap=&sr=3153&pp=1457516&ti=7266049169965899231&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&md=1&dm=970x90&gt=DE&ac=${CPG_ID}&pc=15054187&cr=281686027&c1=ams1&c2=0&cb=339515141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a03d26332b3b68759f4c9d3e807ef41fd49a4402056c85072c964d7307e39920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
48169
Expires
Sat, 09 Aug 2053 08:58:40 GMT
vevent
ams1-ib.adnxs.com/ Frame D4D9 		0
833 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&e=wqT_3QK7Cug7BQAAAwDWAAUBCNCZno0GEN-724KRp4zrZBgAKjYJYVW9_E6Twz8RTd9Ps14Rvj8ZAAAAQOF61D8hTQ0SACkRJNAxAAAAwPUovD8w6-qWBzjRGEAdSAhQi-CohgFYq75uYABo6rKYAXiytQWAAQGKAQNVU0SSAQEG9JsBmAHKB6ABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsHWW-oCHmh0dHBzOi8vd3d3LmdhemV0YWV4cHJlc3MuY29tL4ADAIgDAZADAJgDF6ADAaoDpgYK3QVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdldXcFZlRTB5Um1wYVZFMTBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMekUyTVRVeE9UTXpOek01TkRBME5qTTROVGt2TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDFKeVZHNXJkMW90UkVGSmRGbHZkM3BSUTJWMVp6aDNSV0ZFYWpGWmFuTmZTRGxyUkRGRVVFUmFaM012TVM4eE15OHdMekF2T1RVMk9EQXpMekUxTXprM09UZzJPRE12TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TjbEAARSTgkQCE13ZAXkGGRNVkVGM1QhBBBFMUVRWAnkBRAFICBjdk1DOHdMekENCGb8AAxlbkpvBSiIVE15T1M4Mk5pODVPVGt2TXpJeUx6a3hMakU1T1M0eE1UZ3UFVExqQXdNQzh4TmpNNE16Y3dOVEV5TAFg8HV6Z3pPRE14TVRJdk1UTXZNekUxTXk4L2ViNTBaVTg3encxVmZkYkVZRHR4UmNnUFhKRSZub2RlaWQ9MjYzMyZncm91cD16cmgmYXVjdGlvbmlkPTE2MTUxOTMzNzM5NDA0NjM4NTkmc2hhcmRrZXk9MTYxNTE5Nh0A8HFwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzIuMjQmc2lkPTQ1NjIzMTImY2lkPTY2MjI0MDUmc3JjPWFwaSZ0eXBlPWJ1cmwmY2xpZW50PXMycxITMTZChACwGhM3MjY2MDQ5MTY5OTY1ODk5MjMxIgkyODE2ODYwMjcqBjEwMTkzNjoHNjYyAWPwsMADrALIAwDYA47CPuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA45MS4xOTkuMTE4LjE1NagEALIEDwgAEAEYygcgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASL4KiGAYgFAZgFAKAFrqn4luLu75M0wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGAAUl8FXwP9AG-asB2gYWChCLlj0f0ThCXYGMA0Ii44vfEAMYAeAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPCAAQABgAIAAwADi6BkAAyAeytQXSBw0JAAVbBAAAAR4I2gcGCSdE4AcA6gcCCADwB7rrA4oIAhAA&s=6d463cf0eb892f2ce629de1acbe2a77300d7d8ba&type=nv&nvt=5&jm=1003&px=800&py=1110&bw=970&bh=90&sid=3361233661240667340&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15054187&sw=1600&sh=1200&pw=2510&ph=10106&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4cd95d61-6b79-4bf1-bf03-41a92d65ecb3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
projectagora-483829-hdb.adomik.com/ Frame E187 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDIyZDcxM2YtMWNkYy00MjdiLTg0ZTUtNDljZGM5NzYwYTc3IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IklYIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJBREZPUk0ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=422d713f-1cdc-427b-84e5-49cdc9760a77&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
36cf1d97ec316ec150290ce4ea90fee8.jpg
cdn.adnxs.com/p/36/cf/1d/97/ Frame 61B3 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adnxs.com/p/36/cf/1d/97/36cf1d97ec316ec150290ce4ea90fee8.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
63c47177726de5d0b0d5a84193be6c4014863ba54b9be3b058978f82690c7199

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Via
1.1 varnish, 1.1 varnish
Age
970976
X-Cache
HIT, HIT
X-Cache-Hits
1, 2
Connection
keep-alive
Content-Length
49399
X-Served-By
cache-lga13628-LGA, cache-hhn4059-HHN
Last-Modified
Wed, 07 Dec 2016 10:40:03 GMT
Server
AkamaiNetStorage
X-Timer
S1638370515.814154,VS0,VE0
ETag
"36cf1d97ec316ec150290ce4ea90fee8:1481107203"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 09:12:09 GMT
PageView
bisko.gjirafa.com/tr/ Frame D8F9 		68 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/PageView?guid=0ea6445ff5474b87a5607ae1e13d571412338baee68c42419b5097418ff5e788&sd=05833779fa3c445585259a979c4ec6a6&t=1638370514813&v=6.2&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&c[0].name=T7&c[0].e[0].k=live&c[0].e[0].v=true&c[0].e[1].k=showSeries&c[0].e[1].v=no-series&c[0].e[2].k=showName&c[0].e[2].v=T7&c[0].e[3].k=hostName&c[0].e[3].v=T7&c[0].category=Lajme%2CArg%C3%ABtim%2CPolitik%C3%AB%2CTema%20Sociale%2CDiskutime&c[0].id=41202&c[0].type=video&c[0].e[4].k=loggedin&c[0].e[4].v=false&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L69nXRnx2qN%2B9HdO%2FzFLLL%2FsobD7bIfqVgcKMZWIbTYJaMEHxXQpRhXymx4UBxJR1LbHjnxzTqaDPHwzKN5AwftjFIuZDBfgVu6LBL2AQFGIzB6KtOkTCL%2FwRU6jvV%2FWCUS%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27c59d7a5c02-FRA
content-length
68
start
analyticsvideo.gjirafa.com/signalr/ Frame 26F4 		25 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analyticsvideo.gjirafa.com/signalr/start?transport=webSockets&clientProtocol=1.5&token=zxqyzk&connectionToken=WWfjeewjUsBru2xcMjkHKSfM3%2BIMRFdHLA0TZPRLgRfPbw%2Bktf4RA3Bo9bFUeGIL1e55dsesJeXOARVefJp94kGgrKLFsWw6NQHjccw2Og%2Bj0kH4OxekEp2d4MZCo3X4&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%2C%7B%22name%22%3A%22livehub%22%7D%2C%7B%22name%22%3A%22notificationhub%22%7D%2C%7B%22name%22%3A%22videohub%22%7D%5D&_=1638370513314
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.68.155.202 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3129903.ip-51-68-155.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://video.gjirafa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Expires
-1
S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 298E 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x90.gif
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:53 GMT
Server
nginx
ETag
"5b55f219-5fce"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24526
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 3EC9 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c004d880457a10d49e8c46ecb5327414e521fb9420aac2e365de794db65f7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
v3ghqPwufjEnGaMCdHrSVw2aawsACcmV
content-encoding
gzip
etag
"401bf340ff52ee77fa70bcb490e6ab45"
age
16173
x-cache
HIT
content-length
20086
x-amz-id-2
kl/31UGj+hfBkDn65WTFBQP+fesXkt5i2zs+DrQGDU0ok4NJ346j6AL00NTMn9WLpNBKg955PKQ=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:25:35 GMT
server
AmazonS3
x-timer
S1638370515.837200,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
ZQT764N823TDGF1G
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
416
/
projectagora-483829-hdb.adomik.com/ Frame 1051 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYWJhNmRmNjctMGNiZi00NjIyLTg5NTctMDk5ZDdmMWM5OTc5IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiSVgifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=aba6df67-0cbf-4622-8957-099d7f1c9979&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
viewability
hal900024.redintelligence.net/ Frame 298E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=22986500127232700951443011795024&a=e7023cf8&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 298E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame 298E 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
/
projectagora-483829-hdb.adomik.com/ Frame B025 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMWExODcwZTAtNDZlMy00ZmI3LWE4MDEtNWI3OGE4OTc2ZGM2IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJJWCJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=1a1870e0-46e3-4fb7-a801-5b78a8976dc6&part=0&on=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.26.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-26-45.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Dec 2021 14:55:14 GMT
Server
nginx
36cf1d97ec316ec150290ce4ea90fee8.jpg
cdn.adnxs.com/p/36/cf/1d/97/ Frame E1E4 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adnxs.com/p/36/cf/1d/97/36cf1d97ec316ec150290ce4ea90fee8.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
63c47177726de5d0b0d5a84193be6c4014863ba54b9be3b058978f82690c7199

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:14 GMT
Via
1.1 varnish, 1.1 varnish
Age
970976
X-Cache
HIT, HIT
X-Cache-Hits
1, 3
Connection
keep-alive
Content-Length
49399
X-Served-By
cache-lga13628-LGA, cache-hhn4059-HHN
Last-Modified
Wed, 07 Dec 2016 10:40:03 GMT
Server
AkamaiNetStorage
X-Timer
S1638370515.854033,VS0,VE0
ETag
"36cf1d97ec316ec150290ce4ea90fee8:1481107203"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 09:12:09 GMT
1638370474187.ts
samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/ Frame 26F4 		189 KB
189 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://samiu.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/1638370474187.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.250 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
225c28fdc4924f8056b499d21a574dee328a749320027aee751d9b4d8e878fe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
x-backend
gjlenc03
age
34
x-backend-age
1
x-backend-f
silencer
content-length
193076
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
"61a78cae-2f234"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
698514166 698925739
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck2
x-backend-s
20m
accept-ranges
bytes
content-type
video/MP2T
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 17:04:38 GMT
impl.20211201-8-RELEASE.js
cdn.taboola.com/libtrc/ Frame 3EC9 		613 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9a7fb6a1406befc7f0b158e21bc25bc519b169b39e9d4eaeaf168f64df0d2dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bAGu20XHDxvdpOowF5d0HiY.kzRjF22
content-encoding
br
etag
"e81cac59ad224345e3c221835cbfeb0c"
age
18006
x-cache
HIT
content-length
128551
x-amz-id-2
7BCxnqQZv61uLvFN9je+Et2fL4m7tCVyb/kuXRwucjOJ4LHZrm1b1KhQZzCStgyUPDxwUYa6PQg=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 09:54:27 GMT
server
AmazonS3-br
x-timer
S1638370515.871034,VS0,VE0
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
x-amz-request-id
CEBGNQY8VPZPVCKV
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
74983
1638370474187.ts
naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/ Frame D8F9 		189 KB
189 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://naimi.gjirafa.com/live/rcBFeREIqcMkNthqI6YCr3Riss97l2MC/yzg0yt360/1638370474187.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/0/13/2?v=dYmIxEegSCdCtPGE9z4jx2fuR0WdQ9r775OOKhcSvFA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.67.179.249 , Albania, ASN29170 (KUJTESA-AS, AL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
225c28fdc4924f8056b499d21a574dee328a749320027aee751d9b4d8e878fe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:14 GMT
x-backend
gjlenc03
age
33
x-backend-age
2
x-backend-f
silencer
content-length
193076
server
nginx/1.18.0 (Ubuntu)
x-backend-g
1s
etag
"61a78cae-2f234"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
815505938 815708849
access-control-allow-origin
*
cache-control
no-cache
x-server
gjck1
x-backend-s
20m
accept-ranges
bytes
content-type
video/MP2T
access-control-allow-headers
Range, Authorization
expires
Wed, 01 Dec 2021 17:04:38 GMT
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?oz_pl=1&c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&_x=1
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ap=&sr=3153&pp=1457516&ti=7266049169965899231&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&md=1&dm=970x90&gt=DE&ac=${CPG_ID}&pc=15054187&cr=281686027&c1=ams1&c2=0&cb=339515141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:14 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657
adservice.google.com/ddm/fls/z/ Frame 3D8B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPZquTtwvQCFcxgFQgdqGgH9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7456008418191.657?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370514913&oz_l=135&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:14 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
80988
video.gjirafa.com/Action/SaveView/ Frame D8F9 		94 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Action/SaveView/80988
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a3f665fd38311a12d279f5099b71b69b3da7e6f32bb2fdf3e571f806bac5c77

Request headers

Accept
*/*
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Rq1ZsZwRBNoUvNa4O85nmaV2K16R20YVDvW6lTixBLaWDtY%2BAkUt62K781eH1gktgKbqp04uRVX8PqNXBBjRLfxVYo5vUZPfGqs6ZPfaf7BuKuMa1VwQatxZUtCBN5jfZmG"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
6b6d27c66f7c5c02-FRA
x-aspnet-version
4.0.30319
bid
central.gjirafa.com/ Frame D8F9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/bid
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=RYQcCYyrazlxFQJAZ0GNOxMgLCfmAtiPGUxKn1uoL5Y1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
524b319c58ebf5b553fd48abe0e0f5789777f7924488201e971d14df5655cc24

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqAFH249eMMOXiXYYzYH4Pwl4VRbRrLNjfSubF4BaUw8C9gtGWLswTyoYlNUe0UpVnOXslF3NQxiHBy0iEbT%2F4cKz3sG6xiPVdIyksbgEvQrqrEim67Zsp0bOOOjnp4Myi8bcto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
6b6d27c67fb05c02-FRA
80988
video.gjirafa.com/Action/SaveView/ Frame 26F4 		94 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Action/SaveView/80988
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a3f665fd38311a12d279f5099b71b69b3da7e6f32bb2fdf3e571f806bac5c77

Request headers

Accept
*/*
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOsuw%2Frw5%2B9q9A3gAY3n56fZ2EgwtOvxArCuJlIq5a%2BePCkciWJSTog05Yhkkf2b96v1o7zLTDI6AafAvFkYiKmIBHtU%2FLB3SLL6C2t8I4n6tUja1xHCMBgp6CxUq9g8hoBp"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
6b6d27c68fcd5c02-FRA
x-aspnet-version
4.0.30319
bid
central.gjirafa.com/ Frame 26F4 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/bid
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=RYQcCYyrazlxFQJAZ0GNOxMgLCfmAtiPGUxKn1uoL5Y1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e6cb2949d3e2ee73d2705dce6ff2ab5f181b3f29b0268e878879d5a453d62b5f

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csz1kjS%2F6PDWiYlUExs9kZ0gnPpzrhBZsuhhaxbCiGhaeCaFBlqQJe9PJhZPFK4%2Bc6DWhCoLQlr%2FFqr24qqHbK2S8VYmwAf9ALM%2B7uW04ZgivkeboGAiJmwX%2B7McC7%2FSv1oB3TA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
6b6d27c68fe05c02-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe81b77b2d87700aa4ef86aceed606e4cd5c7a03ef3c7a11e1bf230f7d21ae66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9253
x-xss-protection
0
start
analyticsvideo.gjirafa.com/signalr/ Frame D8F9 		25 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analyticsvideo.gjirafa.com/signalr/start?transport=webSockets&clientProtocol=1.5&token=zxqyzk&connectionToken=hgK%2FDUEZc8xXY00ML9oj5RU2K7bsbel95SR0u1TGyiNUM1mIMJYk5OFXogQHFkoiKySgSDqEPYBfAcZcQzHVR1pwLJAN68X%2Bux40dk9AHM6Ww6x1QGacKLvZoxzhAg%2Fg&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%2C%7B%22name%22%3A%22livehub%22%7D%2C%7B%22name%22%3A%22notificationhub%22%7D%2C%7B%22name%22%3A%22videohub%22%7D%5D&_=1638370513447
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=j5WI_Kxuk_KEV8CRhJoHFNei-lHjuMVGBLRRYV0KUk81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.68.155.202 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3129903.ip-51-68-155.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:14 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://video.gjirafa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Expires
-1
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1638370515003415759976&uniqId=0b47d&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2F&sessionId=61a78cd3-003fc&pageView=1&pvid=17d767e183b8b893f11&site=634059&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b6d27c6da272c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 01 Dec 2021 14:55:15 GMT
adSrcNoUi.js
video-native.mgid.com/scripts/ 		1 KB
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 12:35:01 GMT
server
nginx
etag
"56d-5b05ee52e311c-gzip"
vary
Accept-Encoding
x-cached-since
2021-06-08T09:28:15+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
481
expires
Wed, 08 Jun 2022 09:28:15 GMT
aniview.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a6::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d62d597db03aad0266b8d188f8d139f72b07b89a1100033d3d839df578096ea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsu37GRXTLQSSv5wtgqapfe48_vlPaYRQAQJA2rixxDsn7T6v-nPmozBAsGHET2BfktMwBiC2kXSI6tta9hFDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9567
last-modified
Wed, 01 Dec 2021 07:00:15 GMT
server
UploadServer
etag
"3c702315be1b2911987f3734e06eeb93"
vary
Accept-Encoding
x-goog-hash
crc32c=sMCPnw==, md5=PHAjFb4bKRGYfzc04G7rkw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1638342015384524
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9567
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 01 Dec 2021 15:00:15 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=605de80c8e4c691eb1491318&e=playerLoaded&cb=1638370515042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.170.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-170-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5A79 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 01 Dec 2021 14:52:21 GMT
expires
Thu, 01 Dec 2022 14:52:21 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 27DB 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2cc5bcede5d21653a72789b1e8eb13d3f38ae4ba975ee9c52852bf4fe8479ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jpOKFlt35BtibC4sp1tchw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 01 Dec 2021 14:55:15 GMT
date
Wed, 01 Dec 2021 14:55:15 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-jpOKFlt35BtibC4sp1tchw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
result
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/cv/ 		2 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/cv/result?req_id=6b6d27b189844401
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.201.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xykRfV%2BsD1Gp89eVzafPR6PaSP6knFvBZgv1Iz1WJVKq666diT4UO5Qv%2FC7qeAdiQMCagesFGIDdMHatG6eK2LBwDm5VuDbjMiDM9TlbfhsjTPe2U6TrFwu%2FfDgYk1OM%2F3X7KDKzE78%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6b6d27c8581968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2
1
servicer.mgid.com/1000638/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1000638/1?pv=5&cbuster=1638370515259636537675&uniqId=0b47d&niet=4g&nisd=false&jsv=es6&w=0&h=-1&wrongImageSize=1&p1_w=0&p1_h=0&maxw_1=0&maxh_1=0&cols=1&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2F&sessionId=61a78cd3-003fc&pageView=1&pvid=17d767e183b8b893f11&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765fdd395e8dab4cbb26210484ab46c1d1c3217ac787a3e6fa9629c746154e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b6d27c87d7f2c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 2F42 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=14%3A55%3A15.293&lti=deflated&data=%7B%22id%22%3A845%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1638354320461%2C%22vi%22%3A1638370515291%2C%22cv%22%3A%2220211201-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C18287006%3Dthumbnails-a%3Aabp%3D1%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9dcfd51d5d66ff9eb74e058d0279b9a52c455449d929c79a1b417171ad02ef9a

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
183
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1638370515.307292,VS0,VE183
x-served-by
cache-fra19148-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 27DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2799477278644123&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370515306&oz_l=5537&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:14 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 5A79 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 12:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
9519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Dec 2022 12:16:36 GMT
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 0AE6 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=14%3A55%3A15.354&lti=deflated&data=%7B%22id%22%3A743%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1638354320461%2C%22vi%22%3A1638370515291%2C%22cv%22%3A%2220211201-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C18287006%3Dthumbnails-a%3Aabp%3D1%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7eb9e61390e75e75da78c3135da51d13a412a262a856aa185fa1c07a01e41e97

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
98
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1638370515.360959,VS0,VE98
x-served-by
cache-fra19148-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame EB2D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=14%3A55%3A15.385&lti=deflated&data=%7B%22id%22%3A787%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1638354320461%2C%22vi%22%3A1638370515291%2C%22cv%22%3A%2220211201-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C18287006%3Dthumbnails-a%3Aabp%3D1%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd131d938827f077fab22fca720385678443c21b019afdca6a217d2690dcef57

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
108
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1638370515.388624,VS0,VE108
x-served-by
cache-fra19148-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
syncframe
gum.criteo.com/ Frame CD83 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2382
date
Wed, 01 Dec 2021 14:55:14 GMT
content-length
4683
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:15 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:15 GMT
outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 15:08:40 GMT
server
nginx
etag
"4885-5cc0a12ca1c8c-gzip"
vary
Accept-Encoding
x-cached-since
2021-11-23T11:30:05+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2617
expires
Wed, 23 Nov 2022 11:30:05 GMT
mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 08:55:19 GMT
server
nginx
etag
"6184-5cd0a5f7ec588-gzip"
vary
Accept-Encoding
x-cached-since
2021-11-23T11:30:05+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
3405
expires
Wed, 23 Nov 2022 11:30:05 GMT
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 3EC9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=14%3A55%3A15.438&lti=deflated&data=%7B%22id%22%3A652%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1638354320461%2C%22vi%22%3A1638370515291%2C%22cv%22%3A%2220211201-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C18287006%3Dthumbnails-a%3Aabp%3D1%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96e1cdb5ecce35dae1cfa720a533a238668f235ab4ea1f3b551e2a5f3f86baec

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
90
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1638370515.441612,VS0,VE90
x-served-by
cache-fra19148-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 0AE6 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
9598
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6020
x-amz-id-2
hiw1XgwoImvw06Vb3YZrUJ6eL1Z0cexnqJennWoYFzqMsXldgRSnTEl4N3rwI4IP86GzntObZJk=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1638370515.479334,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
X26RFR85WM7BGGTC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
45422
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 0AE6 		2 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
15380
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
702
x-amz-id-2
jyWZuln+ElHMSSQRR+XLpJX1I9T9MWlceCEMDxfJQrfkzsozXpvTWSs1/jJg3xXRXIU67vROPDQ=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1638370515.479469,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
AHERG0CV7YPBH6S2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
1
x-cache-hits
78078
tfa-eid.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 0AE6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e435ff9dee480a194d1247d4367ff517de459631d705d58b2e190ff76034bde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
XiC2Yjqc2aNdXjtT0rqP7fWm_0v56lK1
content-encoding
gzip
etag
"603a1315aba9bb0551f6be8078573491"
age
17287
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5061
x-amz-id-2
STdFfNm2AYOpwAgs6gtD5FLFG1McA998DX+4kG8FUxDM3eKCpUP4++cshpBQWqpY4ZO5KIEEExI=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:56 GMT
server
AmazonS3
x-timer
S1638370515.480115,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
0VSEDAYDCCBHEXJN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
88475
sha256.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 0AE6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a5f918cca4fe96581202824009f28a2512ac35a1e53774884a58b689fe3b8c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bZErImL4TvwUW8ifmm2l8Joi5Xla0UX
content-encoding
gzip
etag
"39c772d0bdb9c59a3b7073b4c64c2f01"
age
17266
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
injYtnzgw9IevWda+2eJ6f5Li+hxV3CMKWYolXoWqL8zS9mP8Se9QOVKKDKC4QJ0RIvuMv+xTDE=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:07:18 GMT
server
AmazonS3
x-timer
S1638370515.480607,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
1D88HCKSJWABNNBC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
79987
userx.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 0AE6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e00d0d0c340c657a8abb7a4a21f314ba46e77ea88c0d4a7d35d93ea726c1d5e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
bGXaBLLsd87xyXbsGn4mjgbpdHvVcUee
content-encoding
gzip
etag
"ac82615058891b7e1a44db4f36283b5f"
age
17373
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
+OYsDPRn2Fh9uwNbgzvWXNHO8t7M0GjaUxBTiLP6uyxM2c/Lz0WNxFqUHgLx+mVsjvn7UDiPCl8=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:39 GMT
server
AmazonS3
x-timer
S1638370515.492343,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
FW81Y5WFF6TGP0J8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
27043
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370515458&oz_l=4755&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:15 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 2F42 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
9598
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6020
x-amz-id-2
hiw1XgwoImvw06Vb3YZrUJ6eL1Z0cexnqJennWoYFzqMsXldgRSnTEl4N3rwI4IP86GzntObZJk=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1638370516.530375,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
X26RFR85WM7BGGTC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
45423
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 2F42 		2 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
15380
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
702
x-amz-id-2
jyWZuln+ElHMSSQRR+XLpJX1I9T9MWlceCEMDxfJQrfkzsozXpvTWSs1/jJg3xXRXIU67vROPDQ=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1638370516.530444,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
AHERG0CV7YPBH6S2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
1
x-cache-hits
78080
tfa-eid.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2F42 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e435ff9dee480a194d1247d4367ff517de459631d705d58b2e190ff76034bde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
XiC2Yjqc2aNdXjtT0rqP7fWm_0v56lK1
content-encoding
gzip
etag
"603a1315aba9bb0551f6be8078573491"
age
17287
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5061
x-amz-id-2
STdFfNm2AYOpwAgs6gtD5FLFG1McA998DX+4kG8FUxDM3eKCpUP4++cshpBQWqpY4ZO5KIEEExI=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:56 GMT
server
AmazonS3
x-timer
S1638370516.531817,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
0VSEDAYDCCBHEXJN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
88477
sha256.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2F42 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a5f918cca4fe96581202824009f28a2512ac35a1e53774884a58b689fe3b8c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bZErImL4TvwUW8ifmm2l8Joi5Xla0UX
content-encoding
gzip
etag
"39c772d0bdb9c59a3b7073b4c64c2f01"
age
17266
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
injYtnzgw9IevWda+2eJ6f5Li+hxV3CMKWYolXoWqL8zS9mP8Se9QOVKKDKC4QJ0RIvuMv+xTDE=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:07:18 GMT
server
AmazonS3
x-timer
S1638370516.531937,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
1D88HCKSJWABNNBC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
79989
userx.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2F42 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e00d0d0c340c657a8abb7a4a21f314ba46e77ea88c0d4a7d35d93ea726c1d5e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
bGXaBLLsd87xyXbsGn4mjgbpdHvVcUee
content-encoding
gzip
etag
"ac82615058891b7e1a44db4f36283b5f"
age
17373
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
+OYsDPRn2Fh9uwNbgzvWXNHO8t7M0GjaUxBTiLP6uyxM2c/Lz0WNxFqUHgLx+mVsjvn7UDiPCl8=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:39 GMT
server
AmazonS3
x-timer
S1638370516.541102,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
FW81Y5WFF6TGP0J8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
27044
fix-user-id
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 2F42 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/fix-user-id?lti=deflated&ri=09cd47f008ade2cb8a41ef332e2a80e9&sd=v2_e8f00c6b0e0c15a5e21deec83a551d1e_cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&ui=cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253&pi=/&wi=9098500860506017953&pt=text&vi=1638370515291&time=1638370515528&fromUser=13be56eb-548e-4fa9-8c18-1580b3f7255b-tuct8a11253&toUser=cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253&fromSD=v2_f12b19420719dd4bf6a7cf316d66db51_13be56eb-548e-4fa9-8c18-1580b3f7255b-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&toSD=v2_e8f00c6b0e0c15a5e21deec83a551d1e_cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&tim=14%3A55%3A15.528&id=7835&llvl=2&cv=20211201-8-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370516.542062,VS0,VE12
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame EB2D 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
9598
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6020
x-amz-id-2
hiw1XgwoImvw06Vb3YZrUJ6eL1Z0cexnqJennWoYFzqMsXldgRSnTEl4N3rwI4IP86GzntObZJk=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1638370516.542617,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
X26RFR85WM7BGGTC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
45424
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame EB2D 		2 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
15380
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
702
x-amz-id-2
jyWZuln+ElHMSSQRR+XLpJX1I9T9MWlceCEMDxfJQrfkzsozXpvTWSs1/jJg3xXRXIU67vROPDQ=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1638370516.542654,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
AHERG0CV7YPBH6S2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
1
x-cache-hits
78081
tfa-eid.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame EB2D 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e435ff9dee480a194d1247d4367ff517de459631d705d58b2e190ff76034bde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
XiC2Yjqc2aNdXjtT0rqP7fWm_0v56lK1
content-encoding
gzip
etag
"603a1315aba9bb0551f6be8078573491"
age
17287
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5061
x-amz-id-2
STdFfNm2AYOpwAgs6gtD5FLFG1McA998DX+4kG8FUxDM3eKCpUP4++cshpBQWqpY4ZO5KIEEExI=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:56 GMT
server
AmazonS3
x-timer
S1638370516.543826,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
0VSEDAYDCCBHEXJN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
88478
sha256.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame EB2D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a5f918cca4fe96581202824009f28a2512ac35a1e53774884a58b689fe3b8c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bZErImL4TvwUW8ifmm2l8Joi5Xla0UX
content-encoding
gzip
etag
"39c772d0bdb9c59a3b7073b4c64c2f01"
age
17266
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
injYtnzgw9IevWda+2eJ6f5Li+hxV3CMKWYolXoWqL8zS9mP8Se9QOVKKDKC4QJ0RIvuMv+xTDE=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:07:18 GMT
server
AmazonS3
x-timer
S1638370516.543831,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
1D88HCKSJWABNNBC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
79990
userx.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame EB2D 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e00d0d0c340c657a8abb7a4a21f314ba46e77ea88c0d4a7d35d93ea726c1d5e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
bGXaBLLsd87xyXbsGn4mjgbpdHvVcUee
content-encoding
gzip
etag
"ac82615058891b7e1a44db4f36283b5f"
age
17373
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
+OYsDPRn2Fh9uwNbgzvWXNHO8t7M0GjaUxBTiLP6uyxM2c/Lz0WNxFqUHgLx+mVsjvn7UDiPCl8=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:39 GMT
server
AmazonS3
x-timer
S1638370516.548068,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
FW81Y5WFF6TGP0J8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
27045
fix-user-id
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame EB2D 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/fix-user-id?lti=deflated&ri=33f209f03f2805ff77ab5a686a180559&sd=v2_21f1a280a20b708a7cbeb5015093af5a_638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&ui=638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253&pi=/&wi=9098500860506017953&pt=text&vi=1638370515291&time=1638370515539&fromUser=cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253&toUser=638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253&fromSD=v2_e8f00c6b0e0c15a5e21deec83a551d1e_cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&toSD=v2_21f1a280a20b708a7cbeb5015093af5a_638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&tim=14%3A55%3A15.539&id=5585&llvl=2&cv=20211201-8-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370516.548223,VS0,VE9
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
truncated
/ Frame 987F 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
36d3d031189293002ed1c677534fbc70.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
445716
edge-cache-tag
582687356405103429936286516110016473964,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
378
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
content-length
3094
x-request-id
c65f0289036ad6c6f501f0d244a8b9b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 25 Nov 2021 07:29:16 GMT
server
nginx
x-timer
S1638370516.558983,VS0,VE0
etag
"907125e50f0113f4890c1c149e0c8a6b"
x-served-by
cache-bwi5020-BWI, cache-dca17781-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
45236de419748e8ccd24ae79236cf970.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
586e63dbc437c8dd8d55cac75ae2e10cdda94e20c52e6e6dec0ef21b89716bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
3568295
edge-cache-tag
502799783262806491759975645567713804953,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
120
expiration
expiry-date="Fri, 19 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
content-length
3696
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 19 Oct 2021 11:50:10 GMT
server
nginx
x-timer
S1638370516.558598,VS0,VE1
etag
"9e765bb50742078a848f8997beec0ecd"
x-served-by
cache-wdc5540-WDC, cache-dca17771-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
99536fe1f376b97b41d057a3496d6d93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
1409344
edge-cache-tag
443685926060078172013583846079940400930,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
content-length
2718
x-request-id
dceae323b1b2a4dac6039f90a9876223
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Nov 2021 10:18:37 GMT
server
nginx
x-timer
S1638370516.558819,VS0,VE0
etag
"76d8c76d7590be7e029e123449457805"
x-served-by
cache-bwi5041-BWI, cache-dca12923-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1638370515-Rh0c6mUK437MGszS-_GxfaS38r5ko61mm2gV9B3wt9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c8510a3e9e263084f58658c2b4ea2588d1d7f7448605006f932992bb1e0cd3

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:23 GMT
x-mg-request-uuid
67de5546-3b80-4eef-bd8a-9707375438d9
age
1112232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b6d27ca7ba32b65-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14878
server
cloudflare
cache
prebid.adnxs.com/pbc/v1/ Frame D8F9 		63 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=RYQcCYyrazlxFQJAZ0GNOxMgLCfmAtiPGUxKn1uoL5Y1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
2b756f222b7ff953d196d25f0b5149893162b80cec4a11ffeaaec47c0c355dca

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://video.gjirafa.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 3EC9 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
9598
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6020
x-amz-id-2
hiw1XgwoImvw06Vb3YZrUJ6eL1Z0cexnqJennWoYFzqMsXldgRSnTEl4N3rwI4IP86GzntObZJk=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1638370516.579510,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
X26RFR85WM7BGGTC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
45425
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 3EC9 		2 KB
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
15380
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
702
x-amz-id-2
jyWZuln+ElHMSSQRR+XLpJX1I9T9MWlceCEMDxfJQrfkzsozXpvTWSs1/jJg3xXRXIU67vROPDQ=
x-served-by
cache-fra19148-FRA
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1638370516.579592,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
AHERG0CV7YPBH6S2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
1
x-cache-hits
78082
tfa-eid.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3EC9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e435ff9dee480a194d1247d4367ff517de459631d705d58b2e190ff76034bde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
XiC2Yjqc2aNdXjtT0rqP7fWm_0v56lK1
content-encoding
gzip
etag
"603a1315aba9bb0551f6be8078573491"
age
17287
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5061
x-amz-id-2
STdFfNm2AYOpwAgs6gtD5FLFG1McA998DX+4kG8FUxDM3eKCpUP4++cshpBQWqpY4ZO5KIEEExI=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:56 GMT
server
AmazonS3
x-timer
S1638370516.580402,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
0VSEDAYDCCBHEXJN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
88479
sha256.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3EC9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a5f918cca4fe96581202824009f28a2512ac35a1e53774884a58b689fe3b8c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
7bZErImL4TvwUW8ifmm2l8Joi5Xla0UX
content-encoding
gzip
etag
"39c772d0bdb9c59a3b7073b4c64c2f01"
age
17266
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
injYtnzgw9IevWda+2eJ6f5Li+hxV3CMKWYolXoWqL8zS9mP8Se9QOVKKDKC4QJ0RIvuMv+xTDE=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:07:18 GMT
server
AmazonS3
x-timer
S1638370516.580932,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
1D88HCKSJWABNNBC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
79991
userx.20211201-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3EC9 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211201-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e00d0d0c340c657a8abb7a4a21f314ba46e77ea88c0d4a7d35d93ea726c1d5e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
bGXaBLLsd87xyXbsGn4mjgbpdHvVcUee
content-encoding
gzip
etag
"ac82615058891b7e1a44db4f36283b5f"
age
17373
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
+OYsDPRn2Fh9uwNbgzvWXNHO8t7M0GjaUxBTiLP6uyxM2c/Lz0WNxFqUHgLx+mVsjvn7UDiPCl8=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 01 Dec 2021 10:05:39 GMT
server
AmazonS3
x-timer
S1638370516.591122,VS0,VE0
date
Wed, 01 Dec 2021 14:55:15 GMT
vary
Accept-Encoding
x-amz-request-id
FW81Y5WFF6TGP0J8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
27046
fix-user-id
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 3EC9 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/fix-user-id?lti=deflated&ri=d39787f2445b2660d755d22ca532fc62&sd=v2_ad71588e41c23dc4d82b9f28487c16f1_5ce4b490-97df-4b1b-a3fa-520c9ce7130b-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&ui=5ce4b490-97df-4b1b-a3fa-520c9ce7130b-tuct8a11253&pi=/&wi=9098500860506017953&pt=text&vi=1638370515291&time=1638370515577&fromUser=638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253&toUser=5ce4b490-97df-4b1b-a3fa-520c9ce7130b-tuct8a11253&fromSD=v2_21f1a280a20b708a7cbeb5015093af5a_638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&toSD=v2_ad71588e41c23dc4d82b9f28487c16f1_5ce4b490-97df-4b1b-a3fa-520c9ce7130b-tuct8a11253_1638370515_1638370515_CIi3jgYQppVNGNuy-LPXLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGiQmMHcuKuioghwAA&tim=14%3A55%3A15.577&id=6089&llvl=2&cv=20211201-8-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370516.591369,VS0,VE9
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
36d3d031189293002ed1c677534fbc70.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
445716
edge-cache-tag
582687356405103429936286516110016473964,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
378
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
content-length
3094
x-request-id
c65f0289036ad6c6f501f0d244a8b9b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 25 Nov 2021 07:29:16 GMT
server
nginx
x-timer
S1638370516.592099,VS0,VE0
etag
"907125e50f0113f4890c1c149e0c8a6b"
x-served-by
cache-bwi5020-BWI, cache-dca17781-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
45236de419748e8ccd24ae79236cf970.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
586e63dbc437c8dd8d55cac75ae2e10cdda94e20c52e6e6dec0ef21b89716bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
3568295
edge-cache-tag
502799783262806491759975645567713804953,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
120
expiration
expiry-date="Fri, 19 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
content-length
3696
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 19 Oct 2021 11:50:10 GMT
server
nginx
x-timer
S1638370516.592312,VS0,VE0
etag
"9e765bb50742078a848f8997beec0ecd"
x-served-by
cache-wdc5540-WDC, cache-dca17771-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
99536fe1f376b97b41d057a3496d6d93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
1409344
edge-cache-tag
443685926060078172013583846079940400930,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
content-length
2718
x-request-id
dceae323b1b2a4dac6039f90a9876223
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Nov 2021 10:18:37 GMT
server
nginx
x-timer
S1638370516.592470,VS0,VE0
etag
"76d8c76d7590be7e029e123449457805"
x-served-by
cache-bwi5041-BWI, cache-dca12923-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
4af2d97f17e95268d628b3602df406d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af2d97f17e95268d628b3602df406d2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
78e772d69cb135b99853f79780bcf7ca49ab4a9a6ecbb8fa0f854f112a29e28a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
617031
edge-cache-tag
419238662643697474252585416050240587253,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
820
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af2d97f17e95268d628b3602df406d2.png
content-length
3706
x-request-id
e3167df2c71414dae0b929de9fb43385
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 23 Nov 2021 17:19:50 GMT
server
nginx
x-timer
S1638370516.601241,VS0,VE1
etag
"9782a683914a16ebdbebc9112537f637"
x-served-by
cache-bwi5079-BWI, cache-dca17770-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
99536fe1f376b97b41d057a3496d6d93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
1409344
edge-cache-tag
443685926060078172013583846079940400930,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
content-length
2718
x-request-id
dceae323b1b2a4dac6039f90a9876223
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Nov 2021 10:18:37 GMT
server
nginx
x-timer
S1638370516.611464,VS0,VE0
etag
"76d8c76d7590be7e029e123449457805"
x-served-by
cache-bwi5041-BWI, cache-dca12923-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
cache
prebid.adnxs.com/pbc/v1/ Frame 26F4 		63 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=RYQcCYyrazlxFQJAZ0GNOxMgLCfmAtiPGUxKn1uoL5Y1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
b3f22aa940cc0a7c4132be6d72a8596eb27b5870b78dbbb65d4b1180c42d849b

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://video.gjirafa.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
36d3d031189293002ed1c677534fbc70.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
445716
edge-cache-tag
582687356405103429936286516110016473964,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
378
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
content-length
3094
x-request-id
c65f0289036ad6c6f501f0d244a8b9b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 25 Nov 2021 07:29:16 GMT
server
nginx
x-timer
S1638370516.611695,VS0,VE0
etag
"907125e50f0113f4890c1c149e0c8a6b"
x-served-by
cache-bwi5020-BWI, cache-dca17781-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5
sid
mug.criteo.com/ Frame CD83
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=JLA5_HxudE5DNUtxSFFRL2xUaXpvd3dBYUJabnFjb1VxMkFpZnAxenBIU21tcmlkdHYvYkhBeXNNQlh4VFd4YWdoQk5vQXliM0tQV2YyMDVYclVac2IyQ3ZuZFlMQVREMURWTGtld1g2RlNZV3NXa0hlSHI1S3pzY3lsMX...
433 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JLA5_HxudE5DNUtxSFFRL2xUaXpvd3dBYUJabnFjb1VxMkFpZnAxenBIU21tcmlkdHYvYkhBeXNNQlh4VFd4YWdoQk5vQXliM0tQV2YyMDVYclVac2IyQ3ZuZFlMQVREMURWTGtld1g2RlNZV3NXa0hlSHI1S3pzY3lsMXZpTnRTQUo0b2JESlZBNlhwWERJQk9oMFl2UFhBYlkxSkJ0SFlUMEVIbHZqbUZHOThtTUJIMjlieWdrT1Q5MUg4cXVtTWNIWmw2TGFUVWhZRmpkaWdpeWxpOU5ZN3RJL29DWUtPWG51UElSN0J2RUV4S0FtMU9LbFJiZDJpbEEwMmlsRUFUOEFtcGNEQW1IRTlUY0hVSkF4RitiV0dUdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
43180fc4174ec0038a92e0d58e432b2db3b8d6463f637fae888bfa84240d73e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 01 Dec 2021 14:55:14 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4249
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 01 Dec 2021 14:55:15 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=JLA5_HxudE5DNUtxSFFRL2xUaXpvd3dBYUJabnFjb1VxMkFpZnAxenBIU21tcmlkdHYvYkhBeXNNQlh4VFd4YWdoQk5vQXliM0tQV2YyMDVYclVac2IyQ3ZuZFlMQVREMURWTGtld1g2RlNZV3NXa0hlSHI1S3pzY3lsMXZpTnRTQUo0b2JESlZBNlhwWERJQk9oMFl2UFhBYlkxSkJ0SFlUMEVIbHZqbUZHOThtTUJIMjlieWdrT1Q5MUg4cXVtTWNIWmw2TGFUVWhZRmpkaWdpeWxpOU5ZN3RJL29DWUtPWG51UElSN0J2RUV4S0FtMU9LbFJiZDJpbEEwMmlsRUFUOEFtcGNEQW1IRTlUY0hVSkF4RitiV0dUdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1856
content-length
541
expires
0
36d3d031189293002ed1c677534fbc70.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
445716
edge-cache-tag
582687356405103429936286516110016473964,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
378
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
content-length
3094
x-request-id
c65f0289036ad6c6f501f0d244a8b9b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 25 Nov 2021 07:29:16 GMT
server
nginx
x-timer
S1638370516.639829,VS0,VE0
etag
"907125e50f0113f4890c1c149e0c8a6b"
x-served-by
cache-bwi5020-BWI, cache-dca17781-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6
45236de419748e8ccd24ae79236cf970.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
586e63dbc437c8dd8d55cac75ae2e10cdda94e20c52e6e6dec0ef21b89716bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
3568295
edge-cache-tag
502799783262806491759975645567713804953,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
120
expiration
expiry-date="Fri, 19 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
content-length
3696
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 19 Oct 2021 11:50:10 GMT
server
nginx
x-timer
S1638370516.639984,VS0,VE0
etag
"9e765bb50742078a848f8997beec0ecd"
x-served-by
cache-wdc5540-WDC, cache-dca17771-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
99536fe1f376b97b41d057a3496d6d93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
1409344
edge-cache-tag
443685926060078172013583846079940400930,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
content-length
2718
x-request-id
dceae323b1b2a4dac6039f90a9876223
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Nov 2021 10:18:37 GMT
server
nginx
x-timer
S1638370516.640083,VS0,VE0
etag
"76d8c76d7590be7e029e123449457805"
x-served-by
cache-bwi5041-BWI, cache-dca12923-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame 0AE6 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=14%3A55%3A15.647&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=534&cv=20211201-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13893
integrator.js
adservice.google.com/adsid/ Frame D8F9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=video.gjirafa.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
4af2d97f17e95268d628b3602df406d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af2d97f17e95268d628b3602df406d2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
78e772d69cb135b99853f79780bcf7ca49ab4a9a6ecbb8fa0f854f112a29e28a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
617031
edge-cache-tag
419238662643697474252585416050240587253,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
820
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4af2d97f17e95268d628b3602df406d2.png
content-length
3706
x-request-id
e3167df2c71414dae0b929de9fb43385
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 23 Nov 2021 17:19:50 GMT
server
nginx
x-timer
S1638370516.660473,VS0,VE0
etag
"9782a683914a16ebdbebc9112537f637"
x-served-by
cache-bwi5079-BWI, cache-dca17770-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
99536fe1f376b97b41d057a3496d6d93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
1409344
edge-cache-tag
443685926060078172013583846079940400930,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
content-length
2718
x-request-id
dceae323b1b2a4dac6039f90a9876223
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Nov 2021 10:18:37 GMT
server
nginx
x-timer
S1638370516.660608,VS0,VE0
etag
"76d8c76d7590be7e029e123449457805"
x-served-by
cache-bwi5041-BWI, cache-dca12923-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6
36d3d031189293002ed1c677534fbc70.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
445716
edge-cache-tag
582687356405103429936286516110016473964,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
378
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
content-length
3094
x-request-id
c65f0289036ad6c6f501f0d244a8b9b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 25 Nov 2021 07:29:16 GMT
server
nginx
x-timer
S1638370516.660709,VS0,VE0
etag
"907125e50f0113f4890c1c149e0c8a6b"
x-served-by
cache-bwi5020-BWI, cache-dca17781-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7
graphql
s333.adxpremium.services/ 		84 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash
bd78e608399216d3bc69b5af9089f0f056f33121c5fd85bb8cacf03e801bdad4

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
84
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
date
Wed, 01 Dec 2021 14:55:15 GMT
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 26F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=video.gjirafa.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
36d3d031189293002ed1c677534fbc70.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
445716
edge-cache-tag
582687356405103429936286516110016473964,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
378
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36d3d031189293002ed1c677534fbc70.jpg
content-length
3094
x-request-id
c65f0289036ad6c6f501f0d244a8b9b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 25 Nov 2021 07:29:16 GMT
server
nginx
x-timer
S1638370516.673137,VS0,VE0
etag
"907125e50f0113f4890c1c149e0c8a6b"
x-served-by
cache-bwi5020-BWI, cache-dca17781-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 8
45236de419748e8ccd24ae79236cf970.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
586e63dbc437c8dd8d55cac75ae2e10cdda94e20c52e6e6dec0ef21b89716bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
3568295
edge-cache-tag
502799783262806491759975645567713804953,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
120
expiration
expiry-date="Fri, 19 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
content-length
3696
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 19 Oct 2021 11:50:10 GMT
server
nginx
x-timer
S1638370516.673267,VS0,VE0
etag
"9e765bb50742078a848f8997beec0ecd"
x-served-by
cache-wdc5540-WDC, cache-dca17771-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
99536fe1f376b97b41d057a3496d6d93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 varnish, 1.1 varnish
age
1409344
edge-cache-tag
443685926060078172013583846079940400930,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
content-length
2718
x-request-id
dceae323b1b2a4dac6039f90a9876223
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Nov 2021 10:18:37 GMT
server
nginx
x-timer
S1638370516.673391,VS0,VE0
etag
"76d8c76d7590be7e029e123449457805"
x-served-by
cache-bwi5041-BWI, cache-dca12923-DCA, cache-fra19148-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame 2F42 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=14%3A55%3A15.669&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=693&cv=20211201-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13893
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame EB2D 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=14%3A55%3A15.670&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4727&cv=20211201-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13893
AVmanager.js
player.aniview.com/script/6.1/ Frame E08E 		364 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a6::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvW6CiWItHQ2pLMFFsYdpsqHZsPsaDYLaGwHVzSOLkmOsbNXU99QNcpqqQfu5GpYDuX1zA8p6lpzeox4YlnIHw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104652
last-modified
Wed, 01 Dec 2021 06:59:43 GMT
server
UploadServer
etag
"c090f073758d1a9717d1a9aa2c037cb5"
vary
Accept-Encoding
x-goog-hash
crc32c=bxmpzg==, md5=wJDwc3WNGpcX0amqLAN8tQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1638341983568684
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104652
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 01 Dec 2021 15:00:15 GMT
debug
am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/ Frame 3EC9 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress728x90gr-r18287006/log/2/debug?tim=14%3A55%3A15.686&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5441&cv=20211201-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13893
pv
bisko.gjirafa.com/ Frame 26F4 		68 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1638370515692&guid=dba1e85b6bdb4026bf088df430635f9933c47b95cfc54056bb452dd34e724515&sd=05833779fa3c445585259a979c4ec6a6&c=%5B%5D&tg=%5B%5D&tt=T7%20-%20gjirafaVideo&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&r=https%3A%2F%2Fwww.gazetaexpress.com%2F&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDXzTTbvpCzQbebpdVOOTIpxfGJeHQwBkdSy%2FLxAMB%2FDvj%2Bf%2BASvyDUTMAtFcKqvZx1GD8FZPg6s1QVnOSqz2ZoLXonM1CtXZOOvoDy0ZEFss9xhn9WX%2FfoRQ0RrkZGUoeXX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27cb1bd15c02-FRA
content-length
68
i.js
cm.mgid.com/ 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1638370515715807735477
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e2cc649e3ff4e5f5d0912de725eb4b8b286bf4322424753414dd3e18a749ad4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27cb5afc2c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2799477278644123&bg=!5uWl5aHNAAZQLpa_UC47ACkAdvg8Wvs7cgINeCKgyB20Zo6xYCMbpaGgodFDQClGapnVxwejv0LJ9AIAAAEtUgAAACJoAQeZApOFons3U5iwHkddeTTfwY2lcbHAwjoH5f33rq7MKLETkVsGh_09bggWrYIZOFLZ7_LU8j37WIpHoxIUOBMFV_ia5YudxiM191slcj1_eYBsQ6tVmiVGZCj6MmQfYKqgFSJcL-CbmmeUsqQFmaVhh6VPtF-tGK0jvhsm4vV0lC0myy2sLxL04FF8JNo4-56pQ0nsvj-JEYQjGKVRz_9po-IsXYzOsTERUol8_rtsaS2KvfFoy7VMVbBOx5_nXNh8n7Zz11Atww0H3VMwIDOk_RVB6_7IfOMuh27QEgVK4NpsCuuge7DkIwLCGggOFEmpXqeZqb2Mz6DOcRKjIq3MpMdvEgKv31jujPY2R-a-aABvV2LVXUC_GmoHdD3HDCUaBUF2TfmWbEdI8kLswqWAClVx-nR97Xr0veE85OrAn2xApH6vc9YFiHKxmY2XnMee3Oi6_5hVX-H0wDsd1x7EuZifnGiYtP0z_bf01g5kfJyFjTHlbGe_q65jNWqC7E9xQNUATYlgkKfn4p9ZrgfHzs7QfpaIH0DzhWRaHb8oZRo2yPGrjfrKB--KYLrlIq9C85zDvw4uMwRxFOKOmpmss28fhpKKZSwynOVRtEvuJ7UuM_0cd14WDpwAxY7ObLLvjbkfsT2EP6TXkbYnbrLwzuREsGHCmbsHwg6nMEIGWSRw3j4efr0zLwodAOk2yMXuXFARrae3u_fqWUIVZIuPR7XyFBMh1aWHLSibvFHw5RgTX0iaAoouS66ELNJ0YNw1mLzp9LGsNaFt9hLaCDCxzNjU5p7dJPQI3kSKh4cMtRfzd3UeHjXIkz7amdIZhNHXEhpmaQj9U4hVYDz-RvMIMaCyCMny5dh4nVbP_uVtcu9nK7A80w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.gazetaexpress.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1000638&cd6=11&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.1.2.90&apppkg=&fv=1&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=605de80c8e4c691eb1491318&stagid=&stplid=&e=inventory&vi=0&cb=1638370515757
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.170.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-170-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rendervast
central.gjirafa.com/ Frame 1E9A 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/rendervast?p=nqwGJW8XutynTG5%2fB6GeEk9vQhSqpyCyn%2b1nN36EonUWGZTuZ%2boPfT71gTyObyy1rqTatIjsyQQhw%2byrcyzy6wrWtHIf64Sm14nRXGH6AMEPRyVfnEWKzi7Gg03dA8EPDfKvtq4lnWvRF6%2fiWU9QqJtolEP6yaYRal86VEtk0m61qOXYbxyTCL9dDQmko6DlhxhlEr3EJiDAog0aox1a14oXTUW42WOehuQqROvqm7MAOsZo4YQ%2bNdY2Uc5Shlfy%2bE%2bkBbtIJG0IirYzoctnjnfhfGGd2HmxflsmRGhGAkT7ESyz0Yiw5EFNez1OhPPPyr7uKpgD3eneWjuREFXiGc%2f5u1aqmTl5vOC8CVU51fQRmQ2t0T6o5UFdk0Gr%2bZqgwnLkWmV2aeUp5wH1CdOCyBf9wD9u617kyZuw%2fL2eR0TUi9ekBhHGx8yP%2fyqK%2ffFtJzI6W5lSxha3JrKUNW%2b%2bV1TcjhViSi0xY34UhxMe9tcWGqACLtON1BTFcZYzWsfVuSPSb84wb3xPg7N85%2fWPlXtZvZOQYhW%2f0z%2fPhEiXNK%2fWyDWPlzkWoM2sqhYdTomrKCEYfWwYXGv1cMvWT%2bOqgA%3d%3d
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
116cf6c3658b1aef6dd3b536d8852c5520df9ec7a6197ef233be5df1a8c22468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAevVufT6ovRDFjeRd0WOmRhn9VP75wOz9gxP2z3iSA7GxLLtauUHfU3FUF5qqHXBDZn7xj2%2BLrbbfG8%2F6d%2BMkPSef4HEzyiicl0gg%2BxWuHgvtxZ45t2gybT4aqyJcf%2Ft7F0PJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
private
access-control-allow-credentials
true
cf-ray
6b6d27cb9d3a5c02-FRA
rendervast
central.gjirafa.com/ Frame 777C 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/rendervast?p=nqwGJW8XutynTG5%2fB6GeEh%2bXaTlMJvWDZ0U9IuvWCkjPfnbh9DiRy%2bedsY4lTTlgD6p7Re%2fmPID2p79c2qZGhNIGXCZeeQwt5whBaE1AHl9CLWXyMkRmP6rMbiKineSB6kn3x%2fat5dh%2bYln0iuSo3Yedl%2bPZ2oRrNl7JGegX6ARaSVJU9QjRPw0PHk11hufiR4YlLOOxHl0BRg7J0oGL24%2b0SXyp6F7fupeCZavTTvy0%2bs2WU%2fp2XTal9MaJxiw64akv7BQZdNyEIkm7pNBaQ9PGkekZBvIYdTqLuXa1f9C%2b6MbQ7uTq3Y7pDyFs3M2mhFXDV%2fg1bEf766W7v5ICEY%2fcf4eNWeplAUzpNVkio34YJtRjB6%2b4MM9QObJVP36p7x1v%2fW7An6WV3ZDFub5qEz%2fFUL7pHB%2fPTQAW%2fJ4WUrofupOqxjjZpa9kqdInlHjEW0neG5Oc0qJcycCakh3hoDzON7sABUBkxwNPh2zvsCx0H1PB6XM4l%2fbgBQVzKeVFJUF4HDeFXwn01%2fx%2f2HG2469oVlHSZkFfTfuN3CE27WwTnJLONzvdkIhAMjVk2E7d5A8Lz%2bZhb6wEghXOlLFm5g%3d%3d
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
112f87ed2b66157ef202fa8537d4040b1172df38fbe944d9656b1a16d7bdf908

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOTIBccCwavApj9hg8ZRV2zHsxiVKoV3rJzxPei0fux6%2Fhn3dTW7orC%2BQnngQYbtE9xxgfbuOooQCHKULqCcJuNz6GB0PlgWbExj5wSWhslcTI9WDiAXdvWKceC8juuwTrFQ6eI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
private
access-control-allow-credentials
true
cf-ray
6b6d27cbad7c5c02-FRA
/
go1.aniview.com/api/adserver/tag/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1000638&AV_CDIM5=&AV_CDIM6=11&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gazetaexpress.com%2F&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=605de80c8e4c691eb1491318&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gazetaexpress.com&AV_DADPOS=1&d36=6.1.2.90&sver=1&avtoken=515756&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1638370515798
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.40.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-40-65.compute-1.amazonaws.com
Software
/
Resource Hash
8feb953a6a4ff5a76d5dd29b54055fbbbcff63997cd60214f5eb5392de5d5b0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 20 Nov 2021 01:08:36 GMT
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1000638&e=adinventory&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=32863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b6d27cbca364e08-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 6906 		19 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1638370515800678893196
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1000638.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27cbca464e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370515773&oz_l=59&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:15 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
graphql
s333.adxpremium.services/ 		84 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash
9739a3ce1b24468dba68022ca4b41c2f10f6fb1fef0931ac881031cb8dfcb7ab

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
84
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
date
Wed, 01 Dec 2021 14:55:15 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D4D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvw4mKNOR552V-VxEFasEfNVfgTL6GZpU8ahVtJkD99Lph5x21EOIL3qiAnzeAiDCCJoLi2x1fKp8vKni1mM-tT3JjU9N4OMZniv30oKySn9usXP4ZE&sig=Cg0ArKJSzGQr0zzvayvkEAE&id=lidar2&mcvt=1007&p=1110,315,1200,1285&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1438139209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638370514195&rpt=584&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 0D0E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1638370515715807735477
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Dec 2021 14:55:15 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 01 Dec 2021 14:55:15 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync.html
s.adtelligent.com/ Frame 1587 		1 KB
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1638370515715807735477
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 01 Dec 2021 14:55:15 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lb1f_GQtMhT6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b6d27cc0f1d702e-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=e67b3007-4689-4e1d-87a2-ea846b68bbe2
43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=e67b3007-4689-4e1d-87a2-ea846b68bbe2
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27d00b8a4e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=e67b3007-4689-4e1d-87a2-ea846b68bbe2
date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=NxdRaGkZZGsZgEa0CY5n&pi=mgid&tc=1
43 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=NxdRaGkZZGsZgEa0CY5n&pi=mgid&tc=1
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27cc5b7f4e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=NxdRaGkZZGsZgEa0CY5n&pi=mgid&tc=1
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT, Wed, 01 Dec 2021 14:55:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
1011
jadserve.postrelease.com/suid/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lb1f_GQtMhT6
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lb1f_GQtMhT6
  • https://jadserve.postrelease.com/suid/1011?vk=1ad12f31-8e66-4653-b9f7-041710d108db
43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1011?vk=1ad12f31-8e66-4653-b9f7-041710d108db
Protocol
H2
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Location
//jadserve.postrelease.com/suid/1011?vk=1ad12f31-8e66-4653-b9f7-041710d108db
Date
Wed, 01 Dec 2021 14:55:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lb1f_GQtMhT6
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4922489347080781784&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:15 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lb1f_GQtMhT6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b6d27cc08154a9e-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
mw
mwzeom.zeotap.com/ 		95 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lb1f_GQtMhT6&zpartnerid=1532&zdid=1532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cf-ray
6b6d27cc0be12b1e-FRA
access-control-allow-headers
*
content-length
95
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=56bd679e-859b-473b-adad-e7ce7527f7fa
43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=56bd679e-859b-473b-adad-e7ce7527f7fa
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27ccdce94e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=56bd679e-859b-473b-adad-e7ce7527f7fa
date
Wed, 01 Dec 2021 14:55:15 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=76ec29de-a143-4b49-bc72-e8760bb365f9&ttl=1640962515
43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=76ec29de-a143-4b49-bc72-e8760bb365f9&ttl=1640962515
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27cced144e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=76ec29de-a143-4b49-bc72-e8760bb365f9&ttl=1640962515
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGIxZl9HUXRNaFQ2&muidn=lb1f_GQtMhT6
  • https://cm.mgid.com/google?muidn=lb1f_GQtMhT6&google_ula={guid},5&google_gid=CAESEKi0vVwgaXrlHsLxbq1AkwE&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lb1f_GQtMhT6&google_ula={guid},5&google_gid=CAESEKi0vVwgaXrlHsLxbq1AkwE&google_cver=1
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b6d27cc5b904e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lb1f_GQtMhT6&google_ula={guid},5&google_gid=CAESEKi0vVwgaXrlHsLxbq1AkwE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=1ad12f31-8e66-4653-b9f7-041710d108db&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_7d1f0c75-2e8f-4644-b9cf-04693fdad864&bsw_param=1ad12f31-8e66-4653-b9f7-041710d108db&expires=10
  • https://cm.mgid.com/m?cdsp=433145&c=1ad12f31-8e66-4653-b9f7-041710d108db&gdpr=&gdpr_consent=&us_privacy=
43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=1ad12f31-8e66-4653-b9f7-041710d108db&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b6d27ccccc24e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=1ad12f31-8e66-4653-b9f7-041710d108db&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 01 Dec 2021 14:55:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
csi
csi.gstatic.com/ Frame 1E9A 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwnni3o5&c=2215991192247&slotId=1107995596123.5&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=3&vhc=0&ghmsh_eids=44715336%2C44750822
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pv
bisko.gjirafa.com/ Frame D8F9 		68 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1638370515834&guid=0ea6445ff5474b87a5607ae1e13d571412338baee68c42419b5097418ff5e788&sd=05833779fa3c445585259a979c4ec6a6&c=%5B%5D&tg=%5B%5D&tt=T7%20-%20gjirafaVideo&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&r=https%3A%2F%2Fwww.gazetaexpress.com%2F&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zz0uFcdNUcLtveOOVNhsSkbdYLbM%2B%2FD2VCZmmcjKho%2FDN1htxjmub3J6mADOkVhbCH29O30VhnGEoixYXV0bFkOc3HUH8t%2BjE9lsJmkzEuId%2Bm%2FxR3VHnoAPyJdzL4InHKSZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27cbfea65c02-FRA
content-length
68
csi
csi.gstatic.com/ Frame D8F9 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwnni35d&c=2215991192247&slotId=1107995596123.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame D4D9 		0
833 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2F&e=wqT_3QK7Cug7BQAAAwDWAAUBCNCZno0GEN-724KRp4zrZBgAKjYJYVW9_E6Twz8RTd9Ps14Rvj8ZAAAAQOF61D8hTQ0SACkRJNAxAAAAwPUovD8w6-qWBzjRGEAdSAhQi-CohgFYq75uYABo6rKYAXiytQWAAQGKAQNVU0SSAQEG9JsBmAHKB6ABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsHWW-oCHmh0dHBzOi8vd3d3LmdhemV0YWV4cHJlc3MuY29tL4ADAIgDAZADAJgDF6ADAaoDpgYK3QVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdldXcFZlRTB5Um1wYVZFMTBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMekUyTVRVeE9UTXpOek01TkRBME5qTTROVGt2TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDFKeVZHNXJkMW90UkVGSmRGbHZkM3BSUTJWMVp6aDNSV0ZFYWpGWmFuTmZTRGxyUkRGRVVFUmFaM012TVM4eE15OHdMekF2T1RVMk9EQXpMekUxTXprM09UZzJPRE12TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TjbEAARSTgkQCE13ZAXkGGRNVkVGM1QhBBBFMUVRWAnkBRAFICBjdk1DOHdMekENCGb8AAxlbkpvBSiIVE15T1M4Mk5pODVPVGt2TXpJeUx6a3hMakU1T1M0eE1UZ3UFVExqQXdNQzh4TmpNNE16Y3dOVEV5TAFg8HV6Z3pPRE14TVRJdk1UTXZNekUxTXk4L2ViNTBaVTg3encxVmZkYkVZRHR4UmNnUFhKRSZub2RlaWQ9MjYzMyZncm91cD16cmgmYXVjdGlvbmlkPTE2MTUxOTMzNzM5NDA0NjM4NTkmc2hhcmRrZXk9MTYxNTE5Nh0A8HFwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzIuMjQmc2lkPTQ1NjIzMTImY2lkPTY2MjI0MDUmc3JjPWFwaSZ0eXBlPWJ1cmwmY2xpZW50PXMycxITMTZChACwGhM3MjY2MDQ5MTY5OTY1ODk5MjMxIgkyODE2ODYwMjcqBjEwMTkzNjoHNjYyAWPwsMADrALIAwDYA47CPuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA45MS4xOTkuMTE4LjE1NagEALIEDwgAEAEYygcgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASL4KiGAYgFAZgFAKAFrqn4luLu75M0wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGAAUl8FXwP9AG-asB2gYWChCLlj0f0ThCXYGMA0Ii44vfEAMYAeAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPCAAQABgAIAAwADi6BkAAyAeytQXSBw0JAAVbBAAAAR4I2gcGCSdE4AcA6gcCCADwB7rrA4oIAhAA&s=6d463cf0eb892f2ce629de1acbe2a77300d7d8ba&type=pv&jm=1003&px=800&py=1110&bw=970&bh=90&sf=1&sid=3361233661240667340&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15054187&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 01 Dec 2021 14:55:15 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4f05dd08-304f-470c-8888-a5611d07a7bc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900024.redintelligence.net/ Frame 298E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=22986500127232700951443011795024&a=e7023cf8&vb=v
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=22986500127232700951443011795024&a=021e36dc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
index480.mp4
puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/ Frame D8F9 		79 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/index480.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.110.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3109444.ip-54-36-110.eu
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
X-Backend
gjcn1
Age
256509
X-Amz-Storage-Class
STANDARD
X-Backend-Age
93154
X-Backend-F
silencer
Connection
keep-alive
Content-Length
11597245
X-Varnish
561775688 548352603
Content-Range
bytes 0-11597244/11597245
Server
nginx/1.16.1
X-Backend-G
10s
ETag
"0e3c7560e862129d396336b0c5ee4346"
Access-Control-Allow-Methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000022e5a9-0061a236f3-230428-eu-west-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
gjcs-puma-ns3109444
x-rgw-object-type
Normal
X-Backend-S
72h
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Range, Authorization
csi
csi.gstatic.com/ Frame 777C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwnni3mz&c=6737966795242&slotId=3368983397621&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=3&vhc=0&ghmsh_eids=44750821%2C44754345
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 26F4 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwnni33e&c=6737966795242&slotId=3368983397621&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index480.mp4
puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/ Frame 26F4 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/index480.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.110.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3109444.ip-54-36-110.eu
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
X-Backend
gjcn1
Age
256509
X-Amz-Storage-Class
STANDARD
X-Backend-Age
93154
X-Backend-F
silencer
Connection
keep-alive
Content-Length
11597245
X-Varnish
561629601 548352603
Content-Range
bytes 0-11597244/11597245
Server
nginx/1.16.1
X-Backend-G
10s
ETag
"0e3c7560e862129d396336b0c5ee4346"
Access-Control-Allow-Methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000022e5a9-0061a236f3-230428-eu-west-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
gjcs-puma-ns3109444
x-rgw-object-type
Normal
X-Backend-S
72h
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Range, Authorization
usync.js
eus.rubiconproject.com/ Frame 0D0E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17714
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 01 Dec 2021 19:50:29 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0D0E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
ViewContent
bisko.gjirafa.com/tr/ Frame D8F9 		68 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/ViewContent?guid=0ea6445ff5474b87a5607ae1e13d571412338baee68c42419b5097418ff5e788&sd=05833779fa3c445585259a979c4ec6a6&t=1638370515940&v=6.2&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&c[0].name=T7&c[0].e[0].k=live&c[0].e[0].v=true&c[0].e[1].k=showSeries&c[0].e[1].v=no-series&c[0].e[2].k=showName&c[0].e[2].v=T7&c[0].e[3].k=hostName&c[0].e[3].v=T7&c[0].category=Lajme%2CArg%C3%ABtim%2CPolitik%C3%AB%2CTema%20Sociale%2CDiskutime&c[0].id=41202&c[0].type=video&c[0].e[4].k=loggedin&c[0].e[4].v=false&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOzE%2FKqumV9cTi3m0PmVesi%2Bf3GXPbApIojpY7qVdoUCvRpIzxUmp59dOKYeQzqrpmH9843XxY%2Fy01HlvWLUT73oUi2S212KXS2ls0GNwUnamjH3ps0%2B3stnX8R%2BanyOl67k"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27cca8565c02-FRA
content-length
68
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370515930&oz_l=152&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:15 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
csync
sync.adtelligent.com/ Frame 1587 		0
0
1s
bisko.gjirafa.com/tr/ Frame D8F9 		68 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/1s?guid=0ea6445ff5474b87a5607ae1e13d571412338baee68c42419b5097418ff5e788&sd=05833779fa3c445585259a979c4ec6a6&t=1638370515964&v=6.2&c[0].id=41202&c[0].name=T7&c[0].type=video&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:15 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUXeUzSfwSI6TB7PkNzfwPTBY11ktmGKxzElBktCiHaPx8sc7ToqqyOWh%2BGqHdnh6reREI%2FjcgUAldQ4oi67ciW%2FZP90MLSTZNPWdpy1xQdQnkrldSUCOZSmMZ6AY5U1jUV6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27ccc8ba5c02-FRA
content-length
68
ViewContent
bisko.gjirafa.com/tr/ Frame 26F4 		68 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/ViewContent?guid=dba1e85b6bdb4026bf088df430635f9933c47b95cfc54056bb452dd34e724515&sd=05833779fa3c445585259a979c4ec6a6&t=1638370515967&v=6.2&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&c[0].name=T7&c[0].e[0].k=live&c[0].e[0].v=true&c[0].e[1].k=showSeries&c[0].e[1].v=no-series&c[0].e[2].k=showName&c[0].e[2].v=T7&c[0].e[3].k=hostName&c[0].e[3].v=T7&c[0].category=Lajme%2CArg%C3%ABtim%2CPolitik%C3%AB%2CTema%20Sociale%2CDiskutime&c[0].id=41202&c[0].type=video&c[0].e[4].k=loggedin&c[0].e[4].v=false&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCO5T1QeuNTR01uzzERHxLwWtFy%2F5PTWgAzfYONR%2FiRDxHdmRbaaktI3sAzcI7N5Drs5XKaGheL%2BqXVSyqCs%2FYwnd2XyYt7h6sY4StQvrhHMmP1eZxshfOX7uzZB8oK2w8uJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27ccd8c65c02-FRA
content-length
68
1s
bisko.gjirafa.com/tr/ Frame 26F4 		68 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/1s?guid=dba1e85b6bdb4026bf088df430635f9933c47b95cfc54056bb452dd34e724515&sd=05833779fa3c445585259a979c4ec6a6&t=1638370515970&v=6.2&c[0].id=41202&c[0].name=T7&c[0].type=video&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Ft7-live%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dD%2Bc6sezk53fRgJjKjLZTGPUKJtH2EzEtz2bINlxI0QqdU%2FWwWjXO8gmjRwtxhD0amAthm3wevGeymLLZf4wV4LdRPWOD9TfN1fv3ADzMqj3pYKB%2Bd33vUV5%2FpsrEUJ%2FRRSZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27ccd8ca5c02-FRA
content-length
68
index480.mp4
puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/ Frame D8F9 		61 KB
62 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/index480.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.110.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3109444.ip-54-36-110.eu
Software
nginx/1.16.1 /
Resource Hash
00aa09f642802fe217575dd891aa280fe47b8e949f7c244c0208488eedee2ac7

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=11534336-

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
X-Backend
gjcn1
Age
256509
X-Amz-Storage-Class
STANDARD
X-Backend-Age
93154
X-Backend-F
silencer
Connection
keep-alive
Content-Length
62909
X-Varnish
561775690 548352603
Content-Range
bytes 11534336-11597244/11597245
Server
nginx/1.16.1
X-Backend-G
10s
ETag
"0e3c7560e862129d396336b0c5ee4346"
Access-Control-Allow-Methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000022e5a9-0061a236f3-230428-eu-west-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
gjcs-puma-ns3109444
x-rgw-object-type
Normal
X-Backend-S
72h
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Range, Authorization
index480.mp4
puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/ Frame 26F4 		61 KB
62 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/index480.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.110.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3109444.ip-54-36-110.eu
Software
nginx/1.16.1 /
Resource Hash
00aa09f642802fe217575dd891aa280fe47b8e949f7c244c0208488eedee2ac7

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=11534336-

Response headers

Date
Wed, 01 Dec 2021 14:55:15 GMT
X-Backend
gjcn1
Age
256509
X-Amz-Storage-Class
STANDARD
X-Backend-Age
93154
X-Backend-F
silencer
Connection
keep-alive
Content-Length
62909
X-Varnish
561629603 548352603
Content-Range
bytes 11534336-11597244/11597245
Server
nginx/1.16.1
X-Backend-G
10s
ETag
"0e3c7560e862129d396336b0c5ee4346"
Access-Control-Allow-Methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000022e5a9-0061a236f3-230428-eu-west-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
gjcs-puma-ns3109444
x-rgw-object-type
Normal
X-Backend-S
72h
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Range, Authorization
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1E15 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
709414.gif
id.rlcdn.com/ Frame 0D0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 0D0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOTkkyUUotMUctNlZLMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOTkkyUUotMUctNlZLMw==
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dOTkkyUUotMUctNlZLMw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 0D0E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0D0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/20kC8yDhmRTl8eFtnqBphMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=705737203631916884
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=705737203631916884
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Wed, 01 Dec 2021 14:55:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=705737203631916884
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 0D0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFuw8y4s4JieZUAlosISyFw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFuw8y4s4JieZUAlosISyFw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFuw8y4s4JieZUAlosISyFw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0D0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YaeM1AAIyONTSwBG
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaeM1AAIyONTSwBG&_test=YaeM1AAIyONTSwBG
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaeM1AAIyONTSwBG&_test=YaeM1AAIyONTSwBG
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638370516.163857,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaeM1AAIyONTSwBG&_test=YaeM1AAIyONTSwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame 0D0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWNNI2QJ-1G-6VK3&sigv=1&esig=2~84bf6608560c92d4533c5fd684e82c282ebf06a4
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWNNI2QJ-1G-6VK3&sigv=1&esig=2~84bf6608560c92d4533c5fd684e82c282ebf06a4
Protocol
H2
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWNNI2QJ-1G-6VK3&sigv=1&esig=2~84bf6608560c92d4533c5fd684e82c282ebf06a4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0D0E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI3MmM3MDhlZGY4N2JjMDM4NzljNmFkYzExMWNhNWU2NWM3NjBhNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI3MmM3MDhlZGY4N2JjMDM4NzljNmFkYzExMWNhNWU2NWM3NjBhNg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI3MmM3MDhlZGY4N2JjMDM4NzljNmFkYzExMWNhNWU2NWM3NjBhNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1809 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
i
central.gjirafa.com/tr/ Frame 1E9A 		120 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.gjirafa.com/tr/i?prm=mIyMAzDzPG5FL+EqmilbjHl+KjJThFfmQaXvhOiId0574nxiwKw7QeASI2V19yP37G6itr+qAp1aDjK3ub6NUIuCLn6qTty8BULRGS0yt+BFIQA/9+7ebNNRW7AukFuLbzZRwKo6S5pafoxzUtqzW3ICn/NI/+gIhedX7NZ8juhy0gsvudL65xkiEQtB6u5gV9TxqaWukwZOuUvURDjbx0nm3AAtlYY0N3y66tBwZYNhpMKIdYkGO5DE61iopD8bMDTF1JqMzSFJNL51EMPek3LYAvoQ7aZAor9AYbDNiUb+/wStjblPHvgRmeu+xYUdEK58SLh+k+uE6OjOf63iWaJ2dvDCygBh6rig1FbRhsGzPdOMl/pxttNwqrq7tZTB0tofCStBS/I=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Puil9fUyN%2BqKSRl1b4lLTqzYbUgooUejeyc9KNYCwldxBBowNvdRjWvAYq55J8QNLrjXE06mc2iAHEp2IwZ9VeNPME8xtX0t478yzvKOzHwvNAuv0kAzrHEKp%2BbRgqEEu4UR4Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
cf-ray
6b6d27cd7a655c02-FRA
content-length
120
v
central.gjirafa.com/tr/ Frame 1E9A 		120 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.gjirafa.com/tr/v?prm=mIyMAzDzPG5FL+EqmilbjHl+KjJThFfmQaXvhOiId0574nxiwKw7QeASI2V19yP37G6itr+qAp1aDjK3ub6NUIuCLn6qTty8BULRGS0yt+BFIQA/9+7ebNNRW7AukFuLbzZRwKo6S5pafoxzUtqzW3ICn/NI/+gIhedX7NZ8juhy0gsvudL65xkiEQtB6u5gV9TxqaWukwZOuUvURDjbx0nm3AAtlYY0N3y66tBwZYNhpMKIdYkGO5DE61iopD8bMDTF1JqMzSFJNL51EMPek3LYAvoQ7aZAor9AYbDNiUb+/wStjblPHvgRmeu+xYUdEK58SLh+k+uE6OjOf63iWaJ2dvDCygBh6rig1FbRhsGzPdOMl/pxttNwqrq7tZTB0tofCStBS/I=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCqlpHyatICP7SyWecMyULBPHGvCKCRQqwXwM%2FlKEs5DhgV5W6hWoPoDioU1%2BnC7UkxSBx2vAhl9vm6LmFJ6CjK1amkqjNSe3NtDsa0O%2F2Iw8%2BikcKo6e23VduovXrD3iOOWqKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
cf-ray
6b6d27cd7a685c02-FRA
content-length
120
ad-view
bisko.gjirafa.com/tr/ Frame 1E9A 		68 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/ad-view?guid=0ea6445ff5474b87a5607ae1e13d571412338baee68c42419b5097418ff5e788&sd=05833779fa3c445585259a979c4ec6a6&t=2021-12-01T14%3A55%3A16.074Z&v=4.1&c[0].id=20732&c[0].name=Rrushe_TeGjithaEpisodetOnline&c[0].category=VideoAd&c[0].brand=Gjirafa%20Video%20AdNetwork&c[0].type=ad&c[0].variant=Skippable%20instream&c[0].value=24580,247&u=https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcVrrNRGTl%2B3YEq%2Fwd39BlPUmrgSYicUfsw%2FVg1drAYdUoEHJ0Nl%2BPMbpIz4zM5t82iFl8uM6j76pafP8sGC30VngWBga5cFuHZ4NgVwjvb55GNlYRXpTsEvfotmEHlbtgsX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27cd7a6a5c02-FRA
content-length
68
index480.mp4
puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/ Frame D8F9 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/index480.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.110.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3109444.ip-54-36-110.eu
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=65536-

Response headers

Date
Wed, 01 Dec 2021 14:55:16 GMT
X-Backend
gjcn1
Age
256509
X-Amz-Storage-Class
STANDARD
X-Backend-Age
93154
X-Backend-F
silencer
Connection
keep-alive
Content-Length
11531709
X-Varnish
561775692 548352603
Content-Range
bytes 65536-11597244/11597245
Server
nginx/1.16.1
X-Backend-G
10s
ETag
"0e3c7560e862129d396336b0c5ee4346"
Access-Control-Allow-Methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000022e5a9-0061a236f3-230428-eu-west-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
gjcs-puma-ns3109444
x-rgw-object-type
Normal
X-Backend-S
72h
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Range, Authorization
publishertag.prebid.js
static.criteo.net/js/ld/ Frame ACC0 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 7C57 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
index480.mp4
puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/ Frame 26F4 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://puma.gjirafa.com/apstatic-gjirafa/media/t0z0yg/mp4/index480.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.110.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3109444.ip-54-36-110.eu
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://video.gjirafa.com/embed/t7-live?autoplay=true&am=true&c=1&m=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=32768-

Response headers

Date
Wed, 01 Dec 2021 14:55:16 GMT
X-Backend
gjcn1
Age
256509
X-Amz-Storage-Class
STANDARD
X-Backend-Age
93154
X-Backend-F
silencer
Connection
keep-alive
Content-Length
11564477
X-Varnish
561629605 548352603
Content-Range
bytes 32768-11597244/11597245
Server
nginx/1.16.1
X-Backend-G
10s
ETag
"0e3c7560e862129d396336b0c5ee4346"
Access-Control-Allow-Methods
GET, OPTIONS, POST
x-amz-request-id
tx00000000000000022e5a9-0061a236f3-230428-eu-west-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
gjcs-puma-ns3109444
x-rgw-object-type
Normal
X-Backend-S
72h
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Range, Authorization
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C269 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
1
serving.viduck.tech/v1/placements/Mkdr8gbjM3Yu/code/vpaid/ 		155 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.viduck.tech/v1/placements/Mkdr8gbjM3Yu/code/vpaid/1?w=300&h=169&cb=8370516107&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&url=gazetaexpress.com
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
e3e247478fc561a82e78bee7449288e91a808ece811f6aac5842df15b0963755

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-allow-methods
OPTIONS, GET
content-type
application/xml;charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
155
srvf
144.76.120.254
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=97410&t=1638370516&cip=91.199.118.155&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1638370516046-974628006383-008880-012-000004&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=83335247743&cd2=0&cd3=outstream&cd4=1000638&cd6=11&cd1=desktop&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5ac2203f073ef46a6856c7b0&ncid=605de80c8e4c691eb1491318&e=request&cb=1638370516108&asid=605ded9605ec0c69325f4547&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.170.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-170-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370516089&oz_l=993&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:15 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
i
central.gjirafa.com/tr/ Frame 777C 		120 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.gjirafa.com/tr/i?prm=mIyMAzDzPG6AC09ucj3yrIKc3qJeDbkt07BUGK+58mRgLvu7geDyXmDnD075q6THD7fFqGsEBL06NL+6fzQWqbTIaDt9Tq6CksESPPXrrOKM3qkecJYxtZ5Ox3RQPv6RgYl3FDhSS0GCIIpd+PpVWr/wXcLfZnFNUvKpbOsN1uCRYfMMcXtO5BRwKeMUV0P8/6p9Rr702kpuqq3xsS+vT9z+bBvyuYB2CIK8Ia9sTUb+O60L+FWvsjAO+WyJf1qq6vNnGO37SixyL5+7syqybeakDKGi6y7FiFZwZKs38YC0SJFOZgbiZJq99BSM4BPOe2OVN18GDM3wY/dKmz3DeZSzR9kJqdvUap2RZID13Z+z3KT5Gk6mR7Om0kEHVhcuoqcnx+Apdp8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuR1L06xun17HhsbayvKx0Qsr1csZA8AVf38B5zuK7qnhnWvQq982t%2F74%2F947Bh9%2FsT1CFjpaED89fd7KS3%2BTboT7ivuPLmeywbD98IuRralpAPSBi0NT480TfZplLIViZ%2BHwOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
cf-ray
6b6d27cdcb215c02-FRA
content-length
120
v
central.gjirafa.com/tr/ Frame 777C 		120 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://central.gjirafa.com/tr/v?prm=mIyMAzDzPG6AC09ucj3yrIKc3qJeDbkt07BUGK+58mRgLvu7geDyXmDnD075q6THD7fFqGsEBL06NL+6fzQWqbTIaDt9Tq6CksESPPXrrOKM3qkecJYxtZ5Ox3RQPv6RgYl3FDhSS0GCIIpd+PpVWr/wXcLfZnFNUvKpbOsN1uCRYfMMcXtO5BRwKeMUV0P8/6p9Rr702kpuqq3xsS+vT9z+bBvyuYB2CIK8Ia9sTUb+O60L+FWvsjAO+WyJf1qq6vNnGO37SixyL5+7syqybeakDKGi6y7FiFZwZKs38YC0SJFOZgbiZJq99BSM4BPOe2OVN18GDM3wY/dKmz3DeZSzR9kJqdvUap2RZID13Z+z3KT5Gk6mR7Om0kEHVhcuoqcnx+Apdp8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLd4PWq8MXmvqv9sAelMkE5jCaiaNOZPEmTGPizSaltZzm31O3JVsoBW2B1IT%2FwFTdh3zfbwnxxnrzes%2Fvk6fwqflF5%2FM7Yzb%2BGAPcBqpaD8c1WcHYdHFFDEQVQ1xYW5nT2fpbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
cf-ray
6b6d27cdcb245c02-FRA
content-length
120
ad-view
bisko.gjirafa.com/tr/ Frame 777C 		68 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/ad-view?guid=dba1e85b6bdb4026bf088df430635f9933c47b95cfc54056bb452dd34e724515&sd=05833779fa3c445585259a979c4ec6a6&t=2021-12-01T14%3A55%3A16.120Z&v=4.1&c[0].id=20732&c[0].name=Rrushe_TeGjithaEpisodetOnline&c[0].category=VideoAd&c[0].brand=Gjirafa%20Video%20AdNetwork&c[0].type=ad&c[0].variant=Skippable%20instream&c[0].value=24580,247&u=https://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OLVuw9BqeNTRR05vQN7YjXpzWHjeZSMCbjhH7BawEfYrdDsk%2Bo1R48SYbzSUU2OE3xVpK5OMzIcSSx%2FSji9IWXCqy%2BVP0EjlZ9GWBPKjb4KClbFJsWnk59nip05QtI7fGJM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6b6d27cdcb255c02-FRA
content-length
68
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3914 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0CB2 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 53FD 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F69 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E187 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B025 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1051 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Dec 2021 14:55:16 GMT
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370516242&oz_l=2765&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:15 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370516396&oz_l=3952&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:15 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
1
serving.viduck.tech/v1/placements/Mkdr8gbjM3Yu/code/vpaid/ 		155 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.viduck.tech/v1/placements/Mkdr8gbjM3Yu/code/vpaid/1?w=300&h=169&cb=8370516433&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&url=gazetaexpress.com
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
e3e247478fc561a82e78bee7449288e91a808ece811f6aac5842df15b0963755

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-allow-methods
OPTIONS, GET
content-type
application/xml;charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
155
srvf
144.76.120.254
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=97410&t=1638370516&cip=91.199.118.155&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1638370516046-974628006383-008880-012-000004&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=83335247743&cd2=0&cd3=outstream&cd4=1000638&cd6=11&cd1=desktop&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5ac2203f073ef46a6856c7b0&ncid=605de80c8e4c691eb1491318&e=request&cb=1638370516434&asid=605ded9605ec0c69325f4547&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.170.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-170-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=97410&t=1638370516&cip=91.199.118.155&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1638370516046-974628006383-008880-012-000004&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=83335247743&cd2=0&cd3=outstream&cd4=1000638&cd6=11&cd1=desktop&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.170.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-170-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1000638&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=35207
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b6d27cfdb224e08-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.gazetaexpress.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1000638&cd6=11&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.1.2.90&apppkg=&fv=1&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=605de80c8e4c691eb1491318&stagid=&stplid=&e=AV_M8&prbdres=errorlimit&cb=1638370516449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.170.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-170-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 0AE6 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370517.527474,VS0,VE10
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370516554&oz_l=906&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:16 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 2F42 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370517.577672,VS0,VE12
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame EB2D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370517.591825,VS0,VE9
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame EB2D 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370517.611541,VS0,VE10
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 3EC9 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Wed, 01 Dec 2021 14:55:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1638370517.617866,VS0,VE10
x-served-by
cache-fra19148-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
check.html
biddr.brealtime.com/ Frame 930B 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 01 Dec 2021 14:55:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id
5S3T1K5V2G9VMX3D
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4072
Expires
Wed, 01 Dec 2021 14:56:16 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b6d27d15c074de8-FRA
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 2F5D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Dec 2021 14:55:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 1108 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13396601
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
nginx
Date
Wed, 01 Dec 2021 14:55:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 0AE6 		254 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
26173
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1638370517.663135,VS0,VE0
date
Wed, 01 Dec 2021 14:55:16 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
1
x-cache-hits
25868
usync.js
eus.rubiconproject.com/ Frame 2F5D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17713
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 01 Dec 2021 19:50:29 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2F42 		254 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
26173
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1638370517.673788,VS0,VE0
date
Wed, 01 Dec 2021 14:55:16 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
1
x-cache-hits
25869
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame EB2D 		254 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
26173
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1638370517.690613,VS0,VE0
date
Wed, 01 Dec 2021 14:55:16 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
1
x-cache-hits
25870
check.html
biddr.brealtime.com/ Frame 1E54 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Wed, 01 Dec 2021 14:55:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id
5S3T1K5V2G9VMX3D
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4072
Expires
Wed, 01 Dec 2021 14:56:16 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b6d27d21daa4de8-FRA
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame A4C5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Dec 2021 14:55:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E55E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13396601
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
nginx
Date
Wed, 01 Dec 2021 14:55:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
usync.js
eus.rubiconproject.com/ Frame A4C5 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17713
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 01 Dec 2021 19:50:29 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 1E15
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUUwRUNCRjctOUVBQS00MDUzLTg2RDktNTc5NzA4MjJFNUUx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:414
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
u.openx.net/w/1.0/ Frame 1E15 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1E15
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/ Frame ACC0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUY3RTVGOUMtRDJGMy00NTlBLUJBNTUtQTJFQ0Y1RTUyRURG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:389
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
u.openx.net/w/1.0/ Frame ACC0 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame ACC0
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 1809 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 1809
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkY5QkNGODEtMDU5MS00QzYwLThDOTAtODkzOEE3Mzk3ODk5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:270
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 1809
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame 0AE6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
766
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1638370517.477352,VS0,VE0
date
Wed, 01 Dec 2021 14:55:17 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
79370
/
pips.taboola.com/ Frame 0AE6 		64 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b580196fa11d0795589fb4ec033a9022e846a4ce466ef422b3dcc88058462a3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19166-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 0AE6 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=13be56eb-548e-4fa9-8c18-1580b3f7255b-tuct8a11253&uad=4d2df1097434b749f592756d29ccd51eb3717ccc7f1e9715361e00f15e871d48
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:17 GMT
Cache-Control
no-store
Server
nginx
Connection
close
cds-pips.js
cdn.taboola.com/scripts/ Frame 2F42 		2 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
766
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1638370518.531146,VS0,VE0
date
Wed, 01 Dec 2021 14:55:17 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
79371
/
pips.taboola.com/ Frame 2F42 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b580196fa11d0795589fb4ec033a9022e846a4ce466ef422b3dcc88058462a3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19166-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/ Frame EB2D 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
766
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1638370518.541838,VS0,VE0
date
Wed, 01 Dec 2021 14:55:17 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
79372
/
cds.taboola.com/ Frame 2F42 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=cd1cddb2-3a5f-4063-a570-a5aa0a9da332-tuct8a11253&uad=4d2df1097434b749f592756d29ccd51eb3717ccc7f1e9715361e00f15e871d48
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:17 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
pips.taboola.com/ Frame EB2D 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b580196fa11d0795589fb4ec033a9022e846a4ce466ef422b3dcc88058462a3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19166-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame EB2D 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=638a775e-5ac3-464d-ab0a-093921bbb741-tuct8a11253&uad=4d2df1097434b749f592756d29ccd51eb3717ccc7f1e9715361e00f15e871d48
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:17 GMT
Cache-Control
no-store
Server
nginx
Connection
close
xuid
eb2.3lift.com/ Frame 7C57
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 7C57 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7C57
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 30 Nov 2021 14:55:17 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 0CB2
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0CB2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 30 Nov 2021 14:55:17 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
pd
u.openx.net/w/1.0/ Frame 0CB2 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubmatic
um.simpli.fi/ Frame C269
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 30 Nov 2021 14:55:17 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame C269
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGeEIAcY_GvucQpTxr8sSUc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame C269 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 3914 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 3914
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwSkCUxmhn_oIpw16N83DA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:512
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 3914
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcyNTM5OTQxMTA2ODU5NjkyNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcyNTM5OTQxMTA2ODU5NjkyNg%3D%3D
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcyNTM5OTQxMTA2ODU5NjkyNg%3D%3D
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame 3EC9 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211201-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
766
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1638370518.582241,VS0,VE0
date
Wed, 01 Dec 2021 14:55:17 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
1
x-cache-hits
79373
/
pips.taboola.com/ Frame 3EC9 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b580196fa11d0795589fb4ec033a9022e846a4ce466ef422b3dcc88058462a3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19166-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 3EC9 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=5ce4b490-97df-4b1b-a3fa-520c9ce7130b-tuct8a11253&uad=4d2df1097434b749f592756d29ccd51eb3717ccc7f1e9715361e00f15e871d48
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:17 GMT
Cache-Control
no-store
Server
nginx
Connection
close
pd
u.openx.net/w/1.0/ Frame 53FD 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 53FD
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
Protocol
H2
Server
2620:119:50e7:101::9002:e05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:18 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-lor1
content-length
0
x-li-uuid
96bRSE6pvBbg3klg2SoAAA==

Redirect headers

location
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
simage2.pubmatic.com/AdServer/ Frame 53FD
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:408
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
pd
u.openx.net/w/1.0/ Frame 8F69 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F69
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:507
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
setuid
px.ads.linkedin.com/ Frame 8F69
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
Protocol
H2
Server
2620:119:50e7:101::9002:e05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:18 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-lor1
content-length
0
x-li-uuid
JDPqSE6pvBYQyQ5d2SoAAA==

Redirect headers

location
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3725399411068596926&dbredirect=true&gdpr=1&consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
xuid
eb2.3lift.com/ Frame E187
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3725399411068596926?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-v2MuPpNE2oRKJxpDVv21KQjsCMxMnS7mnNs0_mETNQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-v2MuPpNE2oRKJxpDVv21KQjsCMxMnS7mnNs0_mETNQ--~A&dongle=0883
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 01 Dec 2021 14:55:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-v2MuPpNE2oRKJxpDVv21KQjsCMxMnS7mnNs0_mETNQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame E187
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:2161
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76ec29de-a143-4b49-bc72-e8760bb365f9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
pd
u.openx.net/w/1.0/ Frame E187 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 1051 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
u.openx.net/w/1.0/ Frame 1051 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
x.bidswitch.net/ Frame 1051
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/ Frame B025 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156400
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
x.bidswitch.net/ Frame B025
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Server
3.127.209.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 14:55:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3725399411068596926&gdpr=1&gdpr_consent=
date
Wed, 01 Dec 2021 14:55:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame B025 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 14:55:17 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370520611&oz_l=107&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:20 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
670f74e7f0dbcfacfed2ed500da463f5.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 3EC9 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/670f74e7f0dbcfacfed2ed500da463f5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
814f44ccc707d3add2e88b39eec6d481f9d1fd01b0a1c38fcb547e6a63ff64c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
9BEaeqp9YCVhFJmbzW1_AO3qihBm8.S0
via
1.1 varnish
etag
"85a0086d4bd87e3ee181e2ed09345550"
age
60
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1256189
x-amz-id-2
EOsGXSslJHLXpuxQG/DOSHoVycBewK01LNTK1sX7YghGSba8PwrJ9dNwLjqJlat5JpVOqq/srzs=
x-served-by
cache-fra19148-FRA
last-modified
Wed, 24 Nov 2021 15:59:11 GMT
server
AmazonS3
x-timer
S1638370521.789221,VS0,VE2
date
Wed, 01 Dec 2021 14:55:20 GMT
x-amz-request-id
AMR8YKWZ5R7RP51D
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
1
x-cache-hits
1
99536fe1f376b97b41d057a3496d6d93.jpg
cdn.taboola.com/libtrc/static/thumbnails/ Frame 3EC9 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/99536fe1f376b97b41d057a3496d6d93.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5927dd8f844e94a7709879db8b641e12d83beae1939483e2899b3b2403db924

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
JTsAoldLpsmm72ZR9VLzPiAtv20CGeV_
via
1.1 varnish
etag
"8defd8af903372ae2b05440d950efff5"
age
53
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
63717
x-amz-id-2
PwD918g0mFenRf1YVXvHIjsuhVgkvPCdZPFpbeVpS9RfAHG2Ri3rQnKK8MMkosv4ZdZ4BWb9HMA=
x-served-by
cache-fra19148-FRA
last-modified
Sun, 14 Nov 2021 10:18:34 GMT
server
AmazonS3
x-timer
S1638370521.789342,VS0,VE1
date
Wed, 01 Dec 2021 14:55:20 GMT
x-amz-request-id
CE0AJYX67W7GJSCB
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
1
x-cache-hits
1
e013d7c7-6097-4689-af94-c794268630eb_1000x600.jpeg
console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame 3EC9 		375 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/e013d7c7-6097-4689-af94-c794268630eb_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea2b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
911a859a1b69e20e398dc4371e14165d3ac807e2f8e3e4a133f188acd7d746f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:55:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3131
cf-ray
6b6d27eb0cb968f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
383680
x-amz-id-2
A+e/QqA14aw5Rx2FskHamIdJikzEy1kdH6OyIm9bQSMC21krOG1CGHfM0Bllz+2p2Q+2BpDap7w=
last-modified
Wed, 10 Nov 2021 09:28:11 GMT
server
cloudflare
etag
"69258201fdb674c697bcfb478bcdbf94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BDs%2FgrkRKBSQUAebttOts1joMAVeggi5cG6RhOOhoQcbs%2FBIq6hL3isItaDQAZiLvCqmNXK6LZiT%2BxWCYOqijPDFxv2jE6F4GY9%2BvpFNCtZ6p6TEr7xbDMsAFwcfsh3hKML0wmgLPWarMBnkVURVGK6%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1TWM9DZ8CE98MG65
cache-control
max-age=14400
accept-ranges
bytes
content-type
image/jpeg
postback
s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/ Frame D4D9 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.40.1/225545/AO9F1jcAEejSmdMB/postback?c1=ams1&cb=339515141&pd=avt&ap=&pp=1457516&dm=970x90&gt=DE&cr=281686027&c2=0&dt=2255451533761563475000&di=https%3A%2F%2Fwww.gazetaexpress.com%2F&ui=8913776995193654702&ti=7266049169965899231&md=1&pc=15054187&ac=%24%7BCPG_ID%7D&ci=225545&sr=3153&pv=8b963d1f-d138-425d-818c-034222e38bdf&to=3&de=2&sid=AO9F1jcAEejSmdMB&oz_sc=affef21903475217f90004bb&oz_df=1638370522579&oz_l=324&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.40.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.202.153.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-153-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 14:55:22 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1201867944&t=event&_s=4&dl=https%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Gazeta%20Express%20-%20LAJMI%20I%20FUNDIT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=unbounce&ea=15_sec&_u=KGBACEABBAAAAC~&jid=&gjid=&cid=1938265151.1638370512&tid=UA-6427330-1&_gid=1614476265.1638370512&z=1225464548
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 16:09:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81946
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| CloudflareApps string| GoogleAnalyticsObject function| ga object| _atrk_opts function| fbq function| _fbq object| _taboola object| gjdmpInitializer object| gjdmp object| bisko object| googletag object| _wpemojiSettings undefined| $ function| jQuery function| countryLink object| teadsscript function| previous function| next function| go_to_page function| previous_secondpag function| next_secondpag function| go_to_page_secondpag function| previous_search function| next_search function| go_to_page_search object| TRC object| _tblConsole undefined| msg object| TWAGORAINARTICLE object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync function| atrk boolean| _atrk_fired object| ggeac object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| reqCountry object| lmonebidAdUnits object| lmonebid object| requestManager number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| adUnits object| pbjs function| biddersBack function| requestHeaderBids function| initAdserver function| lmonebidChunk object| _lmonebidGlobals function| pbjsChunk object| _pbjsGlobals object| Criteo string| google_user_agent_client_hint function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| teads object| wp object| __CF$cv$params object| jQuery1124008737078662761211 number| windowWidth number| windowHeight function| P function| iFrameResize object| ProjectAgora number| max_priority boolean| check function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| __cf_worker_run_after_load function| __cf_run_after_load string| txt function| postscribe object| twemoji object| _mgIntExchangeNews object| _mgq object| MarketGidInfC1000638 function| MarketGidCContextBlock1000638 function| MarketGidCMainBlock1000638 function| MarketGidCInternalExchangeBlock1000638 function| MarketGidCRejectBlock1000638 function| MarketGidCCriteoBlock1000638 function| MarketGidCInternalExchangeLoggerBlock1000638 function| MarketGidCObserverBlock1000638 function| MarketGidCSendDimensionsBlock1000638 function| MarketGidCRtbBlock1000638 function| MarketGidCContentPreviewBlock1000638 function| MarketGidCResponsiveBlock1000638 boolean| mg_loaded_634059_1000638 function| _mgLib1_11_65 function| _mgwqp object| ADAGIO object| _ADAGIO number| lnt_z object| onClickExcludes function| mgReject1000638 function| mgLoadAds1000638_0b47d function| MarketGidCReject1000638 function| MarketGidLoadGoods1000638_0b47d function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint634059 string| _mgPvid object| GoogleGcLKhOms function| mgadSrcNoUi_0 object| _mgAdSrcNoUi object| _mgAdTrSrc boolean| _mgPageView634059 number| taboola_view_id function| avPlayer object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 function| LoadCriteoAllPlaces1000638_0b47d boolean| i.js.loaded boolean| i-noref.js.loaded object| google_image_requests function| av_sciv_hndlr1638370515753 object| storageAni function| arrive function| unbindArrive function| leave function| unbindLeave

77 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoI5gEQtsT4s9cvCgoIhwIQvsT4s9cvCgkICRDfxviz1y8KCQg6EOXC-LPXLwoKCIwCENbF-LPXLwoJCF8Qucb4s9cv
gazetaexpress.com/ Name: uid
Value: M9JdEmGnjM9o8InqAwPQAg==
www.gazetaexpress.com/ Name: uid
Value: M9JdEmGnjM9o8InqAwPTAg==
ads.gazetaexpress.com/ Name: OAGEO
Value: 2%7CDE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.gazetaexpress.com/ Name: __asc
Value: 3149070f17d767e0c6a7993bbda
.gazetaexpress.com/ Name: __auc
Value: 3149070f17d767e0c6a7993bbda
.gazetaexpress.com/ Name: _ga
Value: GA1.2.1938265151.1638370512
.gazetaexpress.com/ Name: _gid
Value: GA1.2.1614476265.1638370512
.gazetaexpress.com/ Name: _gat
Value: 1
.gazetaexpress.com/ Name: _fbp
Value: fb.1.1638370512212.1597701743
.video.gjirafa.com/ Name: _mgBucket
Value: masterControl
.gjirafa.com/ Name: __ftr
Value: 2021-12-01 15:55:12
.video.gjirafa.com/ Name: _abPercentage
Value: 63
.video.gjirafa.com/ Name: _mgTraffic
Value: C
.gjirafa.com/ Name: __gjci
Value: cbca6cc0e7e0433c9f914f5186309a70
.adnxs.com/ Name: uuid2
Value: 8913776995193654702
ads.gazetaexpress.com/ Name: OAID
Value: 01000111010001000101000001010010
.aj1431.online/ Name: UUID
Value: a7f23fb5-605d-55a1-81a5-125702e8405b
.gjirafa.com/ Name: __gjbi
Value: c127b3a401b641e7b280fdce75fd617a
bisko.gjirafa.com/ Name: __session
Value: e888466a298c442089602126c88561d4
.mgid.com/ Name: __cf_bm
Value: HWogRHato0_Me9e1cVqASFywqD3ZzKWrikuLcM1Kj2g-1638370513-0-AaliKEQwni7sz+t3N37GDEWzm+G/Ekl5XiYYQB9r7XYwmVvL+YH1n0zqp01/BHg/++JdNWgZCIidaqSbsQHkquU=
.aj1431.online/ Name: ucv
Value: 1066-DE-1638456913118-24--573-DE-1638456913254-24--
.rubiconproject.com/ Name: rsid
Value: 1|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.rubiconproject.com/ Name: khaos
Value: KWNNI2QJ-1G-6VK3
.doubleclick.net/ Name: IDE
Value: AHWqTUklW4HzDyos-5YjcINqZzqNw46l77vPSVOGDOW9-Uw6jbEQaXbuWnQ9HYqICDw
.gazetaexpress.com/ Name: __gads
Value: ID=e306d66859be8519:T=1638370512:S=ALNI_MZSXJHlifeaxc3izjgvYTj7x-5XhA
.adnxs.com/ Name: icu
Value: ChgI7PpYEAoYASABKAEw0JmejQY4AUABSAEKGAiFy14QChgBIAEoATDSmZ6NBjgBQAFIARDSmZ6NBhgB
.rubiconproject.com/ Name: audit
Value: 1|vAET2ryzqEGXDI2QzKgy16Q/Fn9jJ2Tlph+Ceuqbr/ebi+2Td/xv7Yfx/xiTr8GxvLUsNrZ4DIT14byNT5gC/HKY++jymV4/2jL6aH0a0w4AUxyL4HCmbg==
.mathtag.com/ Name: uuid
Value: 2ee561a7-8cd2-4501-acda-ad76a4c46767
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 647c75adf44c74c4
.mgid.com/ Name: muidn
Value: lb1f_GQtMhT6
servicer.mgid.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
.gazetaexpress.com/ Name: __cf_bm
Value: PF4ObBMFKrmv23fPnDqbZqG1HLHuVeW.ggiuVgfkiKM-1638370515-0-AdNlUug0o2Yxsg6+RpwNaMpMw2nKdhALmW/zFcWSP03UgsYrOZ/SwGmnX+Vi2ErVHFOPPbZWvngfGOMtD6cxjF4S/vH14vCnGD7uF+hZtqntWtk0Zz6o+31crPzWso0rMQ==
.criteo.com/ Name: uid
Value: 8fb23ddd-0c5a-457b-a7fe-7e9ca2d74f12
www.gazetaexpress.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1000638%22%3A%7B%22page%22%3A1%2C%22time%22%3A1638370515563%7D%7D
www.gazetaexpress.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D5ce4b490-97df-4b1b-a3fa-520c9ce7130b-tuct8a11253
.gazetaexpress.com/ Name: cto_bundle
Value: eYfhOV9VS1glMkZPVEJTNXpSNGVLQTNSTzBVMVVDazFNUWV6bCUyQnJCUldUakZTSW1GQmN4WUxNTmcwTHNNYWtmJTJCUVRRT01mVmR6RkZuaFYlMkZvVzdWTFl5VFJFQ0ZtOW0yZmFWNURvQ0UxTDJidUFjVGIzdDlRa2NJSElMWEM4ZEtWc0dQbXpROVVRU1Fnakl4V0J3QkFRQThkRUtDUSUzRCUzRA
.creativecdn.com/ Name: u
Value: NxdRaGkZZGsZgEa0CY5n
.creativecdn.com/ Name: ts
Value: 1638370515
.bidswitch.net/ Name: tuuid
Value: 1ad12f31-8e66-4653-b9f7-041710d108db
.bidswitch.net/ Name: c
Value: 1638370515
.bidswitch.net/ Name: tuuid_lu
Value: 1638370515
.zeotap.com/ Name: zc
Value: 16bdd2d9-7bfb-4f95-6730-d9a8bd4d9a00
.e-volution.ai/ Name: v_usr
Value: 28777325-e3b6-4837-8a24-b12120af8cf1
.lentainform.com/ Name: muidn
Value: lb1f_GQtMhT6
.adsrvr.org/ Name: TDID
Value: 76ec29de-a143-4b49-bc72-e8760bb365f9
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_7d1f0c75-2e8f-4644-b9cf-04693fdad864
.360yield.com/ Name: tuuid
Value: 56bd679e-859b-473b-adad-e7ce7527f7fa
.360yield.com/ Name: tuuid_lu
Value: 1638370515
.smartadserver.com/ Name: pid
Value: 4922489347080781784
.idealmedia.io/ Name: muidn
Value: lb1f_GQtMhT6
.aniview.com/ Name: aniC
Value: 1638370516046-974628006383-008880-012-000004
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YaeM1AAIyONTSwBG
.yahoo.com/ Name: A3
Value: d=AQABBNSMp2ECEPT_rdRiwUDyhTpJKEOFVGcFEgEBAQHeqGGxYQAAAAAA_SMAAA&S=AQAAAofsvjueQHyvdY7rp93ihIY
.postrelease.com/ Name: opt_out
Value: 1
.mfadsrvr.com/ Name: tuuid
Value: e67b3007-4689-4e1d-87a2-ea846b68bbe2
.mfadsrvr.com/ Name: c
Value: 1638370516
.mfadsrvr.com/ Name: tuuid_lu
Value: 1638370516
.mfadsrvr.com/ Name: ssh
Value: !mgid,1638370516
cm.mgid.com/ Name: mg_sync
Value: {"265689":1638370515,"287839":1638370516,"341189":1638370515,"363887":1638370515,"371158":1638370516,"433146":1638370515,"501037":1638370515,"516418":1638370515,"549534":1638370515}
.3lift.com/ Name: tluid
Value: 3725399411068596926
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5E0ECBF7-9EAA-4053-86D9-57970822E5E1
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pi
Value: 156400:3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMwSkCUxmhn_oIpw16N83DA&KRTB&16514-CAESEMwSkCUxmhn_oIpw16N83DA&KRTB&23025-CAESEMwSkCUxmhn_oIpw16N83DA
.simpli.fi/ Name: suid
Value: 74984621D4104B3792A411C2B336777A
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&KRTB&16736-uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&KRTB&23019-uid:2ee561a7-8cd2-4501-acda-ad76a4c46767&KRTB&23114-uid:2ee561a7-8cd2-4501-acda-ad76a4c46767
.pubmatic.com/ Name: SyncRTB3
Value: 1639526400%3A220_21_13_7_54
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-76ec29de-a143-4b49-bc72-e8760bb365f9&KRTB&22918-76ec29de-a143-4b49-bc72-e8760bb365f9&KRTB&23031-76ec29de-a143-4b49-bc72-e8760bb365f9
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwio-6v0k7maOhAFGAEgASgCMgsIqPOuoaq5mjoQBTgBWghwdWJtYXRpY2AC
.pubmatic.com/ Name: PugT
Value: 1638370516
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2578:u=1:x=1:i=1638370518:t=1638456918:v=2:sig=AQHYigFQAvKX5kL5NZYSyj3xgH7_DwLq"
.linkedin.com/ Name: bcookie
Value: "v=2&4d2daa14-53d0-470f-8719-580456489d32"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzgzNzA1MTg7MjswMjHJiLlXXyLTEuuEPzPp1+MLZOT4TXnxtdg5s7ZEAp0fbA==

8 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1638370512&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638370512065&bpp=3&bdt=382&idt=432&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7739102639055&frm=20&pv=2&ga_vid=1938265151.1638370512&ga_sid=1638370513&ga_hid=1201867944&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2799477278644123&pem=813&tmod=657395804&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=456
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.gazetaexpress.com/
Message:
Access to XMLHttpRequest at 'https://ib.adnxs.com/ut/v3/prebid' from origin 'https://www.gazetaexpress.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.adnxs.com/ut/v3/prebid
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://www.gazetaexpress.com/
Message:
Mixed Content: The page at 'https://www.gazetaexpress.com/' was loaded over HTTPS, but requested an insecure element 'http://cdn.adnxs.com/p/36/cf/1d/97/36cf1d97ec316ec150290ce4ea90fee8.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.gazetaexpress.com/
Message:
Mixed Content: The page at 'https://www.gazetaexpress.com/' was loaded over HTTPS, but requested an insecure element 'http://cdn.adnxs.com/p/36/cf/1d/97/36cf1d97ec316ec150290ce4ea90fee8.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
deprecation warning URL: https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.teads.tv
abdyli.gjirafa.com
ad.360yield.com
ads.gazetaexpress.com
ads.projectagoraservices.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
aghtag.tech
agorahtag.tech
aj1431.online
am-trc-events.taboola.com
ams1-ib.adnxs.com
analyticsvideo.gjirafa.com
ap.lijit.com
bidder.criteo.com
biddr.brealtime.com
bisko.gjirafa.com
c.mgid.com
cdn.adnxs.com
cdn.contentspread.net
cdn.mgid.com
cdn.polyfill.io
cdn.projectagora-adtag-library.com
cdn.taboola.com
cds.taboola.com
central.gjirafa.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
console.brax-cdn.com
creativecdn.com
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
d70eb4a1904d9a725f1eb5da88031146.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gazetaexpress.com
gjstatic.blob.core.windows.net
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900024.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
jadserve.postrelease.com
jsc.mgid.com
lupon.media
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
naimi.gjirafa.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.adnxs.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagoralibs.com
puma.gjirafa.com
px.ads.linkedin.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.update.ib.adnxs.com
s0.2mdn.net
s333.adxpremium.services
s8t.teads.tv
samiu.gjirafa.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
serving.viduck.tech
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.e-volution.ai
sync.mathtag.com
sync.teads.tv
t.teads.tv
tags.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
um.simpli.fi
video-native.mgid.com
video.gjirafa.com
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ib.adnxs.com
sync.adtelligent.com
104.111.242.245
104.16.221.74
104.17.120.107
104.19.135.78
104.19.136.78
104.19.217.61
109.206.161.21
13.248.245.213
138.201.63.116
138.201.84.252
141.226.224.32
141.226.228.48
142.250.185.130
142.250.185.194
143.204.98.17
143.204.98.58
144.76.120.254
145.239.2.103
151.101.1.44
151.101.193.108
151.101.2.49
152.228.222.122
159.122.14.34
172.217.18.102
172.64.201.10
172.67.71.111
178.250.0.157
178.250.0.165
18.202.153.141
18.214.172.53
184.30.25.51
185.184.8.65
185.191.167.178
185.29.132.245
185.29.134.249
185.33.221.15
185.33.221.50
185.64.189.110
185.64.189.112
185.64.190.80
185.67.179.249
185.67.179.250
185.86.137.114
185.86.138.120
198.47.127.18
2.18.232.7
2.18.233.201
2001:4860:4802:32::3
208.88.224.28
216.52.2.48
23.37.38.181
23.37.42.132
23.79.143.124
2602:803:c001::200:144
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700:3030::6815:1b4
2606:4700:3032::6815:356b
2606:4700:3032::6815:41fa
2606:4700:3032::6815:4ae4
2606:4700:3036::6815:4f16
2606:4700:3038::6815:ea2b
2620:119:50e7:101::9002:e05
2a00:1288:80:800::7000
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9d
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:1a0::26e5
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba19
2a02:26f0:7100:2a6::2c79
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:200::282
2a04:4e42::300
2a05:d018:d29:3602:1ae5:2286:b535:86e4
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.127.209.187
3.214.40.65
3.232.170.59
3.33.220.150
34.98.64.218
35.156.230.193
35.156.35.28
35.212.212.222
35.244.174.68
37.157.6.252
37.252.161.190
51.68.155.202
52.239.139.164
52.27.66.213
52.48.46.48
52.57.134.242
54.229.26.45
54.36.110.65
69.173.144.138
69.173.144.139
69.173.144.165
00aa09f642802fe217575dd891aa280fe47b8e949f7c244c0208488eedee2ac7
00b947ea6f4d79abbb05e6fe2a90558da314606ba4cf626dd4dc046d743c163c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01301a7b19144724990d204ef63ecd758075fc41a9febb516b084f4a58570c3f
01f76ccd59023425468713d428d1bed7bf0d10f8ed49f568950a6d1a385bfd7c
027605208c4467f024b851b765e294b984763d88c7f8d8d98c01572734d5f889
0280ec51f7326523c88195bc383aef341b49b6666ba8cd8ff5d259bd491009ba
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02b1e1f682effc8699de99d52095df064be2b292fdf32353f19787266610708d
03df78939f58f0f370c0e875a462257ab915a431c2909b4643f63cde3f686a55
050e6dd363733a099c56fcabb21921ced40b237e7b165b2445d65e363027501b
0516b3d11a602201641b62a125fe061bd6037a09904b7d19b115df865eb9c907
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
074f000c5bb8ac01662a0d0446c0c7922d9e1af13835b2d0a12f05e18ca11cf3
083e5ec06305b2ab5e0580d358e0efc4e129d1beea48e0daa2649ae989e8790a
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0a2c5b13377612f75621e6a514d5d172d41a0c2ade18e157b8be89f2a1e81415
0a3ac84b00c618cdedf2b8a3d8c033c3499e5ce1b4f3a3b24ca80aeab128748a
0a5ac0529c014b2a64a5209cfa22c0a0fd7799b6f80d6cb1098b0d3f5f68749f
0b1cdc1765230ca931914efc9d77f09948220a31fa4ac9baa158a8e9b3ae24e2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0e3336971f8807f870bd5d8c148ea241c0d0a35c30b2c91935aa70e9955ef0bc
0e351da2b0caa003f26223d771ee7b468276401589ca4b1c18c8fbd448fc879b
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600
0f9c649592b9f0b610c746da1ed7a7fb0c95b828c427e807ffa656773d734e53
10424aa5798c3676436c9f04923236e2272855fc7cac5eaa1a34c7781ed6a2ae
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112f87ed2b66157ef202fa8537d4040b1172df38fbe944d9656b1a16d7bdf908
115fbfd87eb879ac28a4f82d78bf71505dce96ae03f10a458982d081ef4d37f7
116cf6c3658b1aef6dd3b536d8852c5520df9ec7a6197ef233be5df1a8c22468
13528976ff450715fdef019e19de2752b9bb60b59a7fc72cb3ed4a5325c42787
156ae320cf3e34a0e09aeb76254b4c2fbd03e954e549c711729f88a514a584ff
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17468fdfe8f36f4aaaefa2f1b78a2679135f77f1bd36b188f100f6c6f84c160d
175fe1ed7950f09550f1fc830ba18423cb6b54b79150a7fc51dff46338f7580b
1789a4e82ff2dd9d77415027df9504be5074cc919705cec10b5bd1cbd1c247e3
18e2b6c772452c201dff7c979bdbcaf400787d3d43916ddd4e922f4419ef9b14
197fc2354f077a62158e750fbf6753fcf1b58b3a8ad3662db39aabd714897b05
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1a5f918cca4fe96581202824009f28a2512ac35a1e53774884a58b689fe3b8c7
1b35fd44bb23ebd7524f19ece3e583c29dabadfdf047dcbd2a1f1ec02e300cde
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6
1c274683a4b782b0d85f0a5d6d1e64267cc63730f88fc3c8d358e5d4e7e107c6
1cd0a8928da3ec8d91a8f255c226edddb3a20eb6aab9c0a6a02071309b476d5c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eb1bbd3d9fe662e7c762968f345ba936a19bde037e11c8aa11c9a07d17b3eb4
1f13001c4ee8adb04500381f64c143bd801ebeed186a2fb6defaa1a0b093322b
1f531981e8163eae10f4389e66151dd5987d29268a606c000b3b3e3c256405e6
1f912a74e5e5cb707d26f911a9292e89c26563b15eadce0d4e1b8573303f3b3b
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01
20875e8a53ad313193024a9191b5945cb309e4f0a0b64a911af267596678b67f
2198ad154f30e2a57578a4a0b23e359f8e4a3f1c3e20cab5b8938f77a0fa6268
2204916fad1cb67ee23c5c35a56252e9a012232d7806d189fed555a6cc2f76d8
2234787d5fb72ab38e21fd55ab13c4679a0552cdfcc0b0bfd0b02f8ec401ad68
225c28fdc4924f8056b499d21a574dee328a749320027aee751d9b4d8e878fe9
232a02aa669f534c686996e0950fc7f51ba98712478f82b73b7e09075556a7a9
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28e89c2a4664bb0ac7da38742c94529bf021c72222cf4cc87ee9b606d9a7152c
295dbf897dbe7cb8470fa90dde9c1774223e783e83dae4f5c566bf6076f193c7
29ab3ea4f82d50e5b29ae75ec77bae66f932f91e965ccb48e63892d9a0666006
2a3f665fd38311a12d279f5099b71b69b3da7e6f32bb2fdf3e571f806bac5c77
2aea223ccbc6430c838198f6a87f4359a830fda5bf2fab7f81cd8f6abf0c345d
2af1f5cb933247732ac4e4d5cc8364c074e133693673d2b34d6035aa217a249b
2b756f222b7ff953d196d25f0b5149893162b80cec4a11ffeaaec47c0c355dca
2bcf5508936aaca874aceb8ede58da83532d11dade122cda0adebe69829b7839
2c13b6f4a736500a0de353891813c828b649c1a407264f25150ef48faf97c827
2c6a2ace69366da428037e4ceb6a22ebbd2b336ab95607fff2b3fd3b24b52bcb
2cc12fa2e9e1cbeec66b9584ce7da59762cbf4e0d0364d66cea5dc78ccf89ada
306256990e3a757fbf8a103817484800ec505f4c3c0896a6caf141c91beb219a
307c5e8c0ca7aa5c526ff2562159f3d95dc7bb61b2236fd7ca77485002106719
30e559614916989e92758c3648af0a9db31700d689020499ba90314de28e9b80
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31b9d64cfebac7f9d1918fb190b9c3dd364c50eb1c5f65a4bd7d9ab644c4b36a
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3346e98e05c980067007505c9c802c6cec49561f2720bc08a64c808ddec0d9cd
3399a1d98cfe824ef01eec47d9d8743eb424645874c9eba73a8e263f2ee04295
33ca3632f72034d5a61c82f5bc7efb21e2675a1cbf94b3f56aed4bb399399c44
343483e966859b508cf4b8238578b7192357216f3a94ff3c823766aa4a7736f9
34c99ea7d90b849bd0b07f4df47b67832c6a817c0eabd144f65fec71ba270594
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9
386086e9f63018331ee6a44d752185fa1d1bd8a91e6e94e83dcd12e921687537
38a72ca80db71a66099b3074a22d8843a08802a2b4c20cb611bb673444e309c0
39226ae5503ed5588a5d0be78214d58688159117450456d7d3a6ca60a2bceff1
3b87ef99a95aa391f13d79969e45c5f492992b8512ff7c1ce8d98c853f0439e5
3b9b90440e5aa223943221afd7ebd53db88667128ed03ad9f0f01059b691bab4
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d2671f1c3b5eb919c0954290cd019120c56e9f245b3f4cde48d45aad9c12719
3d834a321bc0e57dc8ecae64d072e06d159a88607e6f04ec1848d2837739153d
3dd9aa57367b6cc740caae552d411726e023cef38b4aab1ab365a7ce34b58d76
3e2cc649e3ff4e5f5d0912de725eb4b8b286bf4322424753414dd3e18a749ad4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5ce9e97250538878e6efec547add71c26cb9d4a986bcf62983aa3e5d139a79
3fd0ccd043012e60ca1bae33dc7b3a4e98e8777562453cef72b4c49d7b49b18a
3fd30b47f7d56696f640f2ba70aa485fc5afbbd999b6bf76ac2856053e9f447c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4095a1a9a7efe4181f300a025d74991db573c89c2700f2e5e616179716e90e73
41bc018624c91e000da37724fdd8c91097200174f0d5a121d994408a61348858
41c236da4a684dfb436d2c27a120efb34edce673a76565c3dbf42729b74ead45
421376ffb69379358a4dc2bef2d1dd7f693f01bd3a6058008bddf616fbb0404a
42872ff9283185ffcca9ffcb893fb7f5e25c3f921a879423a77e7b0f80a3ed5a
430ca61d2ed2e400869abc8d175d96c7866afff2e366450f4fc436efe325b1fd
43180fc4174ec0038a92e0d58e432b2db3b8d6463f637fae888bfa84240d73e9
43519fc44b476fbe3de469041a267e6efd53e13dca8c3536d536d7cb029750f0
44878cc713733eeca195bd6be3ee86118b17439c36ce1392db3dbff6d150b922
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
456855e9088f1af0a50ad2bfe4d2b7804a1e1ab0883bba83d9879be6fd0ac949
46480d7c4b292a057462dc9b7c854504a5807063e2788de35245b56b7385b4b6
46747ffd8bcb4b6bd400727da24d3fc84b2dc9f26c515990fc103d16c80e8aa3
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b
470ed218c730317577ecb1082da900de879fbbc5ab4ba9d2046f36300d0f8fb6
48e3a8bfcc14f0afb2c63ac9023f5482b15429e33ad1d9942a0c70fdfc78285b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49be3bee5a2c7cff75416b823ac8f85c56a03c464e366c9b0187a584c261d73c
49c2372b7f4150d881a9b2ad1cd5b353216eb2a251d065fd01804cb23008fa39
4cb1f6abb1e72d4adca63209b1f29cacc469a9f553ce535a5c9ccccb186fcb1e
4ce045a7fdd232ae04a2ebca06705660f5659ee4c01e8c73b3eae3c1b304ab96
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71
4d7ffeb524e6a4ac5c9fc82962a510341ea5669c0eaed1b457900af3f0edcaca
4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4e9de87d3ff28d9d31e29c9a48f9645a17bd7106d40707e532f35ed07a7fbd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84
50546db9a553c4348d88b070375cb8a4ec8c22f3b0480ae4073d3b4fc92b9a83
505c2988510a5abdfe7f601e508792642bf8b20c61dcc4734c5efc807180a0dc
524b319c58ebf5b553fd48abe0e0f5789777f7924488201e971d14df5655cc24
5273c367f5afaafb3307d4721c7561832b2d0a4d92b976ec3f9e8de735d1696a
52b3bbb82a3cebf72656847e5b17cb77e6d21bf9982b7dea18870176e31d4801
530745849172220375d8adfbe425215eab7ae5a761ca5fdd71c444876e8ac33a
5352cd38b3e8e1d78be593c44bc5d90c35cb92febbbac9285971bed9f462bc15
53779a47004bf1dbef1c7c2de44c6aa02431c9a83b9a004cb1e3dc5bc9b16051
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558587aecf42d586786beb44c29643e4140c153e47f39fc18e4567cfedfd9fb3
5597f026de52013fae8954e9f9a8f615f7df9b53d11570413e3bfbda6df8817f
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56844865f451301e7002222fb55eafef2d64d465d891aa4fede0959dfe196d85
57fa66f671c31657881d8f7ffc795101e8f04b8d67abf5fa8031335d257cab2c
586e63dbc437c8dd8d55cac75ae2e10cdda94e20c52e6e6dec0ef21b89716bb2
588f07403a678b388aade7b10429da2ddcaf4ca53e154dbf59a08b5761db6f29
58ed0765755b1b61d337e949d09b0e5b4ddd9f2b17c21af589d4c995ce1d9cfb
58fc060a3f7c6317774af8a786c012cbbf2f20aecc5a67611ea6db23071b66c2
598e4bd352e0b5f6a646a0ab9f048b87c4a3bf9fe06e1e296985f0a644a7f3d1
5b42450c61033c4deefbf06d5bb785568022672c8dccba8e13ddc5244ca3189c
5b65166c7e918072c1381ef9f695cc1172310837081bc5307d46e89a86bdd79a
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5cfda0c296dc1e9dafc6a465d30f986224bb2354ac11d8e3860e3e12b5d44667
5d90b4ded123f920d0b333b4370184308689c88ce35b107ed49b22a5e197967e
5e12f7e893ae948a0b21589484d2834a7ff8f770953c027e69cf49d8285d2588
5e3083ecc9075acb142c47828d3771ea5bded150a7b0047b6e8bc31d010ff3f0
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f18f0a7c70dcc77aafe92c6f43040a7c20a2910715a3c2f7f4781d11f1400c4
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f
5fd1b5efb0cfa2df9a3ff7df0035d7bb53c0da9870b93a39e83915a41f091f9a
6104ac94e847507fb28c977e43666e7c3962ea1fdaa23714f6b410e455f7b58a
61cc395833a9a5abf390b87745645a9f8e99308930cd7a760835895139e31a7b
62565eac25e5fbc0ed4528970dff1dcc76bd991114b703aa97caaf3ca24ad65a
627cac56902b79832ce960de0a9d92d03a9ff846c2387eb0ced424179ae66a79
62b646bb3b12254ac7c14fde9f5068a565b4b88f8b4b2b1fd0435d0bf3cf23c4
63c47177726de5d0b0d5a84193be6c4014863ba54b9be3b058978f82690c7199
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64927e61be38ae0543ef5301913ecb53c62f41e76e4a3ca8e01c064d0238cfe5
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5
65f45ec11c2a1f1ac0f167cc4e21860b9387fc942797c57609051822ce700f33
66ca58cbade31a20bbcc4e38cf4fff5fbcabe5a77fcc9382b76b95840d0fcb62
679e665fa4dffd901db223205470b9a452783483c522eca9c01b5758afe0069a
69125c0bf0b19b4fe3e1673b40ab0c1d87ca795023d5d3d8f8bdeefa690e74d7
69dc8e4bdca2a029ddba62e0fc90a31816ece51e1610b5d7ead08b5f692fc23d
6bb4ff6c73238620610fe37d029c220b69dcd992f4079b867dcaa133121b8b94
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901
6c4a9b00c46d0c2afa6b4b0a9f7815b6bb02d418840202804df2496442768d56
6c71681b8be915eaf297869a53de1be808959a8093905658c8138095de1bdec8
6d2237b7373e69635fd2eb4d6bb7f6e7dfc1b8046684b4c5ec604d4b3c4b8212
6d4b871026e1912263de416e2998423157080532a674bfb55eff6372495521ee
6e62757bdb4eedf4aebeef645f4ac7f20d31d0169cfc22a69783a9835aa05e6c
6f705f770a6fa01a8df22c732d0a83e28afa2229ffa7928b1686411916f8739a
6fa255f7d2c7a37dcb8382905a4f287a7f11e5e9daacc01330fdcef9c58cfd64
70c8510a3e9e263084f58658c2b4ea2588d1d7f7448605006f932992bb1e0cd3
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97
712b390b52bafb264c7901b11ebe3fed9d28e72e436d75ba467b1f0d8347f847
719251218a7baebabed9f5a47c4be39d5b591e76b66366f91240b99789a0e8fd
72b036e6fa73e5aa28dec001ea351c2093e315a85b992ac48fea5bcd35a353f2
72da216881d58eb4ad04299d6ead3c758365b7c629c3839211b1845e945cd524
72e20b62497c46979a96a26add7eafa968862f9b972cdec6fdf191205370c565
73916a5e5a6f7d4f62577c3eae0ec207a7e9cfedec43733cf2b10651c08454d4
7525f4e6a80583ba9b91b9af2384c0e1374220e4902598f9430419139ad7d15c
7528999137e4eade01578c6271291ece43541c53ee54a41b32a45a11773f7e96
755f89d0eea5f87d2ac27c8a74dc937cd86888faa4bc36d98d7dc8515a5575ea
7560304ce110aeb9327cc3894fdbadd12a9eb9e79facbe2490b0004aa9e36a9f
75f5b51fa454f94ad8d73dca3108b1101d5c3c8fbe7b9f1d9d57d0c41273c3d8
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22
763d419329ebf896e36493675fcaaadb2085877a103c034d629d8c42173500b5
765fdd395e8dab4cbb26210484ab46c1d1c3217ac787a3e6fa9629c746154e80
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
78678f40fc2508fd8c3cebb8195511a2bfe3890081067906907de8efe414321e
78e772d69cb135b99853f79780bcf7ca49ab4a9a6ecbb8fa0f854f112a29e28a
79f0350cf913538846d0b770ce10d579d3aa51daf5e7566d3c4beb89d7824fe2
7a4533dace9efa40950656f5d709830faab04b540210a81c438e9a5026071ae7
7be3c2a509b2ba83ba761cd3ba7069c61d8d0b89b7ceb2d5460c854ad273e20e
7e235103e504c0e1666930db8178734675da9761655d4193cf2fbad4e8da1e91
7e435ff9dee480a194d1247d4367ff517de459631d705d58b2e190ff76034bde
7eb9e61390e75e75da78c3135da51d13a412a262a856aa185fa1c07a01e41e97
7f757672962e775dd13eb770bda0c3c56efb2e4f21fc7d3eead345831d291a40
7fa1cb6df3efa85f3b82cbe4f2021ac7af8812e1bfe9c11e9ea47d08018408a5
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55
80de277ef9de6445ec9a9f4838c2ad4c33cd0413a2e6910be47472abc910ab9c
8137485b35baa28e7246f7a393da3985722dccd06c92d6e32601c9540f695322
814f44ccc707d3add2e88b39eec6d481f9d1fd01b0a1c38fcb547e6a63ff64c1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838566c95c446f778f5d9d221dacc74498942b6a791ee11b7486b261c44462ac
84522dcc6086c5e71e7b83b103412d98cdb736854c1676bc92457e9ec1f61e5a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e
8590ee2871189fe2bdb44d32ceb04e73194eac8d2785113c8a87c79bcec64f3e
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595
873c6477509668bcf101b755809451cba0ded528c24383979fd776cb0f364b79
8797b0d6fc319de6a3b06a2cd9b2c2923af26def41bbebaedc47c758c968a3e2
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88c985dc15ee32a2768667e9db261e22ef98df50334b5475725779c32eedffb7
89baa7d058d08c84a3039aa7a4da0b8ea561e91cdf792136e121d8f025432631
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a264a765eac501f00fff915391b733d32ad4531626d87d8eda362fe6a940f8b
8a54adf7bdeebb255cfe7e9b7b1f340e2d46043dbadbfe864c47aa112b713750
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aa98bb9ab6d20728aef09ead74af1bc2c41f8751728b7c2fb047fdf4a6d79d8
8c202d221f593d44ab7aae4d1d9f0f51b92f80f6a26628248cc1cdacedc9b776
8c40d0fc965fde82399e88698b43c234fd3cff5d710e830f7dc4f1aa2c2a5d49
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d083c6e9d075a74337b0020d05237569e576aa8a1c76816cd94d6fffc798673
8d207a477226b283dc07dc414dba49f80224469ca61b349983c270cc59c47430
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da71792dc84d6ccba8917fd225b275ea7d4feb5e4e35bea24fb6d8eecec31ad
8df8962c0d12d2b530e81caa6122a81d4cd2684348d8d7575e6dce9010ac1973
8e5f283dde96971e070c68e4d547a5b73de58e35314c99aa1c60e47815651958
8e93f6c4bb198d4ff930a700439b6a1884ab303721cfd0032c9570f8f7edda82
8ef2b81205496ce469be69227cc276336ca0b83399513cfa033430270458224a
8f4f968a83c859f3a7e8a180ce0c10413c2e59b51f5c67ac3784161692844c89
8feb953a6a4ff5a76d5dd29b54055fbbbcff63997cd60214f5eb5392de5d5b0b
8ff40aa73ab1da514dbfdf7f1b451f2227787f1b3aa25e02eab1f8915d23ce38
908bcb5d904670a9e2f1e1808a99a67d7a68e1553e6d578663331402a6375523
90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb
911a859a1b69e20e398dc4371e14165d3ac807e2f8e3e4a133f188acd7d746f0
93aaa56772a9c3c0b4b9cc5613f13f3a041167bbd60c68975f89a32862f12028
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
95a999c46c2e0ff7478abb0b288a1037dafb926b877cdc9e2b65869899cd3755
96b2b9529fd25b5ad34352fa2491b592c8fd004bc8dcd0c33b7e3561a4ed4dc8
96e1cdb5ecce35dae1cfa720a533a238668f235ab4ea1f3b551e2a5f3f86baec
970c1a923e7d94ae1aed4e8bc432d47c995ac06261274df5aedde4a024fbee4c
9739a3ce1b24468dba68022ca4b41c2f10f6fb1fef0931ac881031cb8dfcb7ab
97fefd2b431320c047161e02b899f6da786ca09b1f50635e5675073d6ca3d908
98744d30b1ed16afacceaed7c24f4489b0f934ad739182590bf1c669d25acc78
9a7fb6a1406befc7f0b158e21bc25bc519b169b39e9d4eaeaf168f64df0d2dad
9c004d880457a10d49e8c46ecb5327414e521fb9420aac2e365de794db65f7d3
9d9fb7a6cd6cfc60516489cd7ef272c465477e3d4bf785861c01e4db9e3b73e6
9dcfd51d5d66ff9eb74e058d0279b9a52c455449d929c79a1b417171ad02ef9a
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534
9fa65516bd8728ea09002c21244cfc8967b205ecbb45867f528f6c2715f4d50a
9ffd2a1f25446b0da03facaf046dc8a40a5f163e2cf7ce1a01a5c4bdaffbb126
a03d26332b3b68759f4c9d3e807ef41fd49a4402056c85072c964d7307e39920
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4
a42982a95acaacb955f1de2cdb519e10adfe82f8b4b99c987f4a7f70eb2f2e7f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e7efc4fa087f20d61377793d0b2daa369514f844ac153880e17bbd82edfdda
a4f4de3f8ef14baf9745385dca27d067be09c5ef16d059f9fceb513f09e22c9e
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6b28776fc81801179c74d5e3df5614e352ca77fe191bfa9d0efb49d0cf3964b
a704480bd2d436dcd5609f0624252f0204dc3147f5123a45c0c634bd25ed30bd
a72bede3e458cf0f0a418b051e1b6e8ebc245c75a7ac2561392ff05604db2ae7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8599c83fb90bcf3d1c3a01c36e5c3b417bafdfcdbcc754cf831264d0420a047
a8cb2a3b1a0471032a31978a7374639f9bed710ae22f5f153fe2b956171389bb
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
abe22f93abc98bbb8f14be1b1c4057979f930c924dadf48e97dea45bf0e305de
abef8835ae5c190fd468c7d0a7afbef1fd97df829dde06367d41d7d746ed730c
aca056c26e4f269ca1128e03be8f51dfa8d954fea61824c2a4b058c16305eaed
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4c0d28fc224e5c39162889cb7a07df6b3ada3152bf4aca8793be091f515079
af8aa9b0685c41084076f7af2497cd622822d769453f1a97eb603bfc73846871
b026854e828f89ed3c11ffe28d561704794e505a47c962b4f530edb2d4a24bb8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b38427a7f38c3e0e7febe2583441fb418fcc9e314dcd9b199f2aec9b7c27dc03
b3e64a49608a1aacd9864b73405575b42086e9556f5f06343a973b27629f6812
b3f22aa940cc0a7c4132be6d72a8596eb27b5870b78dbbb65d4b1180c42d849b
b47ea38ab42540ac291495c4907c9a4fd0e57531988de7bcd6bbc6693c0f3ca7
b4b35c8eabbe8241b7451f62cdf4eee1111a0a60e596c711d5f87e832e9cc502
b4fc61928774a19f4f1f47a3144857a3e4958bf4ac8a66ee133b8da624dc9b2a
b535be8fbd5f4e1530ac8ea77c5f69a614d1db1eff69e06fb6fedf05a3752d45
b580196fa11d0795589fb4ec033a9022e846a4ce466ef422b3dcc88058462a3f
b5927dd8f844e94a7709879db8b641e12d83beae1939483e2899b3b2403db924
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b63ae4e704abfda6c3799cec0767b2ad219b2a09640546dceda784fa8cdadb86
b6aa2617adf5e75717a58f90f37dc27b7fdface626c4cec49a759b790a3eadd7
b85f926ae2b48db2ef99fc41609d19b59d5b99dc197f6518eb8b848d37285b07
b974c09b492a72449d8b75be1180b398cd93745c1ad9b30391020e978fe2334c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbc48f32ae5849f3ce3b4966c4086d43862a694763758bee9838cf09b393540
bd6b58e0329ce4f278b636d2468537e1fa308943b0d3acc17c4ab4c12ca0a7ad
bd78e608399216d3bc69b5af9089f0f056f33121c5fd85bb8cacf03e801bdad4
bde41969c0e365ea3e06156c66bea979d8a0446021faac599664a0967c7922f2
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730
be9c57a84ecd522b1576dd1b29cc82837e2c0d7c389fcc541746b6202e527790
bf0bf2d50c23d7a1dc8d2fe7feb4d689fce3b2ddbcfecdcff414e1f64c721248
c37891f7c15a7c9e0059422a9933fbed77130bafd1f43236a1e35ad6e2e4edbd
c3a992b7b26235e6c54e987b4f62f793fc2a422a494d8505b796383f70b65283
c405467486e24c37c6ec2f544955cc3d9f64b16f3ec3a53141044db19dfcbfcb
c460f71df781347c711762afbb36adfc71467497eb187f9ef5cb8d91d8ca933e
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
c6fcbd8f5dc872b379ec7182b036a70ae74d0ca77fbfefe1d3deed31046f65ec
c78e1cacea5cdcc78038dd0b32ed1f6909744fe10952a4c5669b3f435246823d
c7a370e6aa67841b327a823b57cd1f19d4225c246e8ff4782bb02076e9db068b
c81a10e361d904188643b5082415e040aeac6b6965599086c7f0fd991088712d
c89c64b575e8a64b87fe7c797f0c01bef0fc2dd3b745d981eb11797dee02d34b
c901540f95f5ce922d445f2d1c365abb8ddd12f0e977af891330688c157242bf
ca71558305011fff0e0d64c35f5b320f5e593b510cc6f0d0a89346a6748e51d1
caacb11f2a4120d70c02e77a923e6a91aea206405f459677bd81f921a00b6a89
cbba81be3051e8991f30564494f6efc94f3ed2b60c626aa8308c5f816fd76234
cec680057c55a25a713b05306e0abf3eb3cc55a9e730cc31a15e4528f60d1a17
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e4f70db323567f819f9a78af084b97bffed78c13113453262ee01765ea8352
d125dd07be92e071995c45c5a41f86356e04145646da419eb1c0e2dcb1b0cc2c
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3
d2cae3b00a62681ec0a17d588b584c2e14de385a654554dca588b08e284ba0c6
d542667ec582f16e0ac784f9e110f362829547d0c9979dbeeb55a7c823908ad9
d59bab2d41d9e595148506153fecef31f06271c6e2a00b86ed9d85454499de2e
d62d597db03aad0266b8d188f8d139f72b07b89a1100033d3d839df578096ea2
d68d3ea4d58940eda6bbf767bdf34c8576faf6a3e44a405a811f7947cee8e691
d81eef69db36430ffd22277971c0d3dae40564843ca0bb10fef95143f8368844
d836dce6db2df61dce68f12dd294a6238320c2b84742889ceb57a29bfd551fa8
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d8883d36800520f2c54db3d89960f7813af714cf8407c84eacb89db80ebcf32e
d924e864deb13f8dda4beef4f10deb0277bee345cd8c948a14b123607f418e77
d945d9f09d0a35ad4dbc62e5782511772dfe3ac93f2dabbc787c322d03cb85ee
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
da260e24d5adc1d7fc8f03a7441ba04a52f4067e785f52752fc6387bbd8e0cf1
dac294989be7cda9d1e6fdab604fcbb3b19095e1962c4d1f74b93512226e0614
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
ddfd1fc76fd5ca2fce738024f7a7a9a6564f7441e86c92b3200caaf55b17597a
deabe92c2bfa27590af91ef428bb343edd471dd326d30cfd1192b21fd7c24358
decb1113243b22484bafe4108845a011aa451da97c656ddd601af8b6339667f9
dee827bbb3290203bb7455c6f48f5ed2da6649e49cec650eb85b45debdb0866d
e00d0d0c340c657a8abb7a4a21f314ba46e77ea88c0d4a7d35d93ea726c1d5e5
e0a9ca323fd958deb81838927501171b22514405a7194b65ba5481ece50f924e
e1eda76ef838814a3aff920cabf1961046b317713e1dcb13d918520650b1573e
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3108303dc4c635fdd0ab7d1cf121cf92084bf7eccabf08416f7f5a959f255b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e247478fc561a82e78bee7449288e91a808ece811f6aac5842df15b0963755
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e51f53af37137e4cc9fb4f2087ac3b2140e8d0c4b767c0549cb56e6b179ccec4
e5bc14ce77af44bc8500e6fb482c2fc2e83ad065c503ec68c3d5fb4586495d06
e647382f1282f09489e2b97869fb5a6fbccb81f154189c50abc16c343f1185f3
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e6cb2949d3e2ee73d2705dce6ff2ab5f181b3f29b0268e878879d5a453d62b5f
e86817d66cc5e997f07901acc2baa1b6fcd43a4872c5609ca9e6d5318114ca8c
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278
e8b62fd213e58516fb04c3778da4118f4169987bb4ae8caee7b98a46524d0914
e8dec49e0a0fd84d550252696ce78d415d0f125aab158811f014bcfe35d90968
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9b368e35a2c538e7431e028e741fc490d0ef428c106bcca8105796ad69fd760
ea4a9d29ee63a41e51b16f3d6494959ab5c31bc2d29f9bc007f5a250ae80fcfd
ea538915fd24a4b97e0449f2c0b6f04879c2c1e0bfd08dda8c52ac93dfc9220c
eb393b85bc805c13919d760cd08dabe22aed426795ba8315e086e3bd6a10dbe8
ec082db75e9e007f535c26a73cfdcff9677866d275c5b19027cc27a47779ad4a
ec46daadaf419d6fecbc0089c08f29e5bcfa6e2ecf9b22425b9a29bc41785e78
ec731d0241085a66f9813967efbeb6760f7b5033671340f1320a336958418bcd
ed53ed357014f85bcee2323c5309a7484f76b17ee01525d5b3a72b44103ae8ac
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64590f45dc5bfb600d40b408461af93d3c734e056e1e73ce5d2ece417ceda8
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f15f9338d3cd8c49c06a24fd2f29ecc6dfd96e72d10e9ef58bf0e9f5cea66b7d
f252b9509e2ffeeea7ac8b6acacf2305281c0b29c15f01953cf705ec585656fd
f2cc5bcede5d21653a72789b1e8eb13d3f38ae4ba975ee9c52852bf4fe8479ef
f3462c9cdb44430568b23a58b9570090b5990efeafd716f5c5b02d35847aa027
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565
f5c3a2b9960ff10f3d72ee4cf998c41b7e155b776f57c1e2095239aab15f201b
f617c71aedf0d8fbd7c9bf7ec7d1e6dfdb8de0a3c7b2c52204abe51542bf740a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf
f6fecb3dd66ef7794034c300c934f822b3c45235194bacaafc6f3a439f0bff9c
f729dd17edaf7ce3cca3661569898800e2b8aeb4fa8aff12363dbc8b86eb1404
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fa1f1e8071bf081a7986eb95c9e4e3ae548d537e4dd794ddd161438e719ae187
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e
faf829046ee4ee99e05b2592b3277e23c81c75f97b7c66a6092e2e6337fdcd38
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821
fb3fdcd70f1c47932797ed2ebc40d360f1bcdc325e95f5041a684b0375f2bb98
fb97922fac144b8ebe35e4d15d9fc4579948e5d7884ca8a585f08fe996e95f9c
fbd736dd2bb92692230c9d2ece335d9ce04c07b492614816dce5c18a0fb655d2
fc09af9f2e92bb5b4630c30273c8c78f5744d09d64895e2b0b1f5a039f68bf80
fc5e7eb99c90ea057904e394b01b1008a4a37236ea5040eaf941692a3a7f21fe
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163
fd131d938827f077fab22fca720385678443c21b019afdca6a217d2690dcef57
fd328a52efda360e1e1e1f5d20781c1d98ccd380c4995d35e9f7a3b56bc821a7
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32
fe2c0ca4a55948414f3460ba76dbb0e095d7b4c3be9297b249d77470f27d5c08
fe67d22e3c1631ecaf1bc3d20adf040dbf7dd1388bb1018bf5e9484c0ed9a3ae
fe81b77b2d87700aa4ef86aceed606e4cd5c7a03ef3c7a11e1bf230f7d21ae66
fe917a5ef00f3ba444fe50063ece8266ac0e6d684945f6a7e031617415d5e20b
ff78a6c60d0a125443167a6d8c77a05cde5a1f578574d99ab39fc7f3bc0ff5a7