urlscan.io logo urlscan.io
SecurityTrails logo

www.gazetaexpress.com Open in urlscan Pro
104.21.59.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Effective URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Submission: On March 21 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 10 countries across 68 domains to perform 354 HTTP transactions. The main IP is 104.21.59.143, located in and belongs to CLOUDFLARENET, US. The main domain is www.gazetaexpress.com. The Cisco Umbrella rank of the primary domain is 321306.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 104.21.59.143 13335 (CLOUDFLAR...)
3 69.192.161.54 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 52.239.139.164 8075 (MICROSOFT...)
8 216.58.201.66 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
18 104.19.132.78 13335 (CLOUDFLAR...)
5 208.88.224.28 40824 (WZCOM-)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.230.111.31 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
23 151.101.193.44 54113 (FASTLY)
3 2.22.33.114 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 37.157.4.25 198622 (ADFORM)
3 216.52.2.19 30282 (AS-INAPCD...)
3 178.250.0.165 44788 (ASN-CRITE...)
2 7 37.252.173.215 29990 (ASN-APPNEX)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 18.196.230.57 16509 (AMAZON-02)
4 2602:803:c004... 26667 (RUBICONPR...)
1 108.157.4.71 16509 (AMAZON-02)
1 2600:1f13:57e... 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.67.71.111 13335 (CLOUDFLAR...)
7 184.30.24.22 16625 (AKAMAI-AS)
1 92.123.194.180 20940 (AKAMAI-ASN1)
1 2.20.86.97 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
3 37.252.173.27 29990 (ASN-APPNEX)
1 2.22.32.24 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 92.123.224.108 20940 (AKAMAI-ASN1)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 184.31.84.150 16625 (AKAMAI-AS)
4 35.244.159.8 15169 (GOOGLE)
2 185.86.138.32 201081 (SMARTADSE...)
2 204.237.133.116 3257 (GTT-BACKB...)
2 18.158.84.255 16509 (AMAZON-02)
1 2a03:90c0:41:... 199524 (GCORE)
6 104.19.136.78 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
5 44.196.209.25 14618 (AMAZON-AES)
1 3.217.20.60 14618 (AMAZON-AES)
2 152.228.222.122 16276 (OVH)
2 52.209.147.3 16509 (AMAZON-02)
4 4 213.19.147.44 26120 (RHYTHMONE)
3 6 3.33.220.150 16509 (AMAZON-02)
2 52.200.158.235 14618 (AMAZON-AES)
1 193.122.128.135 31898 (ORACLE-BM...)
1 104.102.28.254 20940 (AKAMAI-ASN1)
1 1 23.88.75.189 24940 (HETZNER-AS)
3 4 18.156.0.31 16509 (AMAZON-02)
8 217.160.255.213 8560 (IONOS-AS ...)
1 198.47.127.19 62713 (AS-PUBMATIC)
2 141.226.228.48 200478 (TABOOLA-AS)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638::3 44788 (ASN-CRITE...)
7 185.86.137.32 201081 (SMARTADSE...)
1 2.20.85.83 16625 (AKAMAI-AS)
8 9 185.94.180.126 35220 (SPOTX-AMS)
4 6 142.250.185.130 15169 (GOOGLE)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 2 37.157.3.29 198622 (ADFORM)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 151.101.2.49 54113 (FASTLY)
2 2 52.58.249.203 16509 (AMAZON-02)
7 104.75.89.138 16625 (AKAMAI-AS)
1 2620:116:800d... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 10 34.251.6.15 16509 (AMAZON-02)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 23.37.42.132 16625 (AKAMAI-AS)
4 104.102.30.13 20940 (AKAMAI-ASN1)
1 2600:9000:215... 16509 (AMAZON-02)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 185.86.139.103 201081 (SMARTADSE...)
1 51.195.88.7 16276 (OVH)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 35.244.174.68 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 4 69.173.144.165 26667 (RUBICONPR...)
2 3 209.54.180.144 16509 (AMAZON-02)
2 2 3.120.46.78 16509 (AMAZON-02)
6 37.252.173.62 29990 (ASN-APPNEX)
2 2a04:4e42::300 54113 (FASTLY)
2 141.226.224.32 200478 (TABOOLA-AS)
4 4 76.223.111.18 16509 (AMAZON-02)
4 6 8.28.7.82 62713 (AS-PUBMATIC)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
354 93
56    104.21.59.143 (None, )

ASN13335 (CLOUDFLARENET, US)
www.gazetaexpress.com
3    69.192.161.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)
agorahtag.tech
15    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.239.139.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
8    216.58.201.66 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s01-in-f66.1e100.net
securepubads.g.doubleclick.net
1    2606:4700:3036::6815:4f16 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
18    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
5    208.88.224.28 (United States)

ASN40824 (WZCOM-, US)
serv431.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.230.111.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-111-31.osl50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
23    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
3    2.22.33.114 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-33-114.deploy.static.akamaitechnologies.com
t.teads.tv
1    2606:4700:3031::ac43:81b0 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
4    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
7    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    108.157.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-71.dus51.r.cloudfront.net
certify.alexametrics.com
1    2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f (Boardman, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
16    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com
094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    172.67.71.111 (United States)

ASN13335 (CLOUDFLARENET, US)
bisko.gjirafa.com
7    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
contextual.media.net
lg3.media.net
1    92.123.194.180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-180.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    2.20.86.97 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-86-97.deploy.static.akamaitechnologies.com
warp.media.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
1    2.22.32.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com
hblg.media.net
2    2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
4    2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.projectagora-adtag-library.com
1    92.123.224.108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-224-108.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
4    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
projectagora-d.openx.net
u.openx.net
2    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    204.237.133.116 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
2    18.158.84.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-84-255.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
6    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
6    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a02:26f0:7100:2b4::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
player.aniview.com
5    44.196.209.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-209-25.compute-1.amazonaws.com
track1.aniview.com
1    3.217.20.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-20-60.compute-1.amazonaws.com
go1.aniview.com
2    152.228.222.122 (France)

ASN16276 (OVH, FR)
PTR: ns3189334.ip-152-228-222.eu
s333.adxpremium.services
2    52.209.147.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-3.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.200.158.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-158-235.compute-1.amazonaws.com
sync.aniview.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    217.160.255.213 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
vpaid.impactify.media
sonic.impactify.media
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
6    2606:4700::6812:f13 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.impactify.io
dvr.impactify.io
pg.impactify.io
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
1    2.20.85.83 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-83.deploy.static.akamaitechnologies.com
acdn.adnxs.com
9    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    52.58.249.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-203.eu-central-1.compute.amazonaws.com
pm.w55c.net
7    104.75.89.138 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-138.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
10    34.251.6.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
ad.360yield.com
euw-ice.360yield.com
ice.360yield.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    104.102.30.13 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-30-13.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    2600:9000:2156:c000:1:7eae:e800:93a1 (United States)

ASN16509 (AMAZON-02, US)
creative.360yield.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
1    51.195.88.7 (France)

ASN16276 (OVH, FR)
PTR: cdn-eu-de-01.impactify.media
cdn.impactify.media
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a05:d018:d29:3601:b883:24d:29e5:b600 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    3.120.46.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-46-78.eu-central-1.compute.amazonaws.com
pixel.advertising.com
6    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
Apex Domain
Subdomains		 Transfer
56 gazetaexpress.com
www.gazetaexpress.com — Cisco Umbrella Rank: 321306
1 MB
29 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
trc.taboola.com — Cisco Umbrella Rank: 562
images.taboola.com — Cisco Umbrella Rank: 1507
am-trc-events.taboola.com — Cisco Umbrella Rank: 13795
pips.taboola.com — Cisco Umbrella Rank: 1686
cds.taboola.com — Cisco Umbrella Rank: 997
519 KB
25 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8333
c.mgid.com — Cisco Umbrella Rank: 6428
cdn.mgid.com — Cisco Umbrella Rank: 10514
servicer.mgid.com — Cisco Umbrella Rank: 8449
video-native.mgid.com — Cisco Umbrella Rank: 28798
s-img.mgid.com — Cisco Umbrella Rank: 7801
cm.mgid.com — Cisco Umbrella Rank: 2218
326 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com
247 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
cdn.adnxs.com — Cisco Umbrella Rank: 1232
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8051
acdn.adnxs.com — Cisco Umbrella Rank: 523
secure.adnxs.com — Cisco Umbrella Rank: 359
71 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
287 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
4 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
eus.rubiconproject.com — Cisco Umbrella Rank: 503
token.rubiconproject.com — Cisco Umbrella Rank: 595
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
16 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417
ads.pubmatic.com — Cisco Umbrella Rank: 419
image6.pubmatic.com — Cisco Umbrella Rank: 571
image8.pubmatic.com — Cisco Umbrella Rank: 570
image2.pubmatic.com — Cisco Umbrella Rank: 774
8 KB
11 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 630
euw-ice.360yield.com — Cisco Umbrella Rank: 14035
creative.360yield.com — Cisco Umbrella Rank: 83857
ice.360yield.com — Cisco Umbrella Rank: 1381
5 KB
11 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 8457
player.aniview.com — Cisco Umbrella Rank: 1997
track1.aniview.com — Cisco Umbrella Rank: 1948
go1.aniview.com — Cisco Umbrella Rank: 4770
sync.aniview.com — Cisco Umbrella Rank: 2462
120 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1227
www8.smartadserver.com — Cisco Umbrella Rank: 5216
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2242
6 KB
9 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
8 KB
9 impactify.media
vpaid.impactify.media — Cisco Umbrella Rank: 412159
sonic.impactify.media — Cisco Umbrella Rank: 4919
cdn.impactify.media — Cisco Umbrella Rank: 80893
13 KB
9 media.net
contextual.media.net — Cisco Umbrella Rank: 469
warp.media.net — Cisco Umbrella Rank: 1895
lg3.media.net — Cisco Umbrella Rank: 2569
hblg.media.net — Cisco Umbrella Rank: 1367
155 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
14 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 626
5 KB
6 impactify.io
ad.impactify.io — Cisco Umbrella Rank: 49564
dvr.impactify.io — Cisco Umbrella Rank: 64877
pg.impactify.io — Cisco Umbrella Rank: 67657
97 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
2 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 512
eb2.3lift.com — Cisco Umbrella Rank: 346
3 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
c1.adform.net — Cisco Umbrella Rank: 524
2 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1118
t.teads.tv — Cisco Umbrella Rank: 2303
133 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
2 KB
5 serv431.com
serv431.com — Cisco Umbrella Rank: 638777
17 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
px.moatads.com — Cisco Umbrella Rank: 392
103 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
122 KB
4 openx.net
projectagora-d.openx.net — Cisco Umbrella Rank: 32370
u.openx.net — Cisco Umbrella Rank: 621
781 B
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1689
47 KB
4 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 22541
239 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 399
439 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
www.google.de — Cisco Umbrella Rank: 6433
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
751 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
678 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
660 B
2 adomik.com
projectagora-483829-hdb.adomik.com — Cisco Umbrella Rank: 25477
206 B
2 adxpremium.services
s333.adxpremium.services — Cisco Umbrella Rank: 85563
532 B
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 409
673 B
2 projectagoraservices.com
ads.projectagoraservices.com — Cisco Umbrella Rank: 17685
8 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1404
res-a.akamaihd.net — Cisco Umbrella Rank: 5376
25 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
63 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
102 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
315 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
114 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 565
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
703 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
17 KB
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2428
1 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 381
372 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
477 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
675 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
269 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1024
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
543 B
1 gjirafa.com
bisko.gjirafa.com — Cisco Umbrella Rank: 279058
929 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
645 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 3792
552 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1565
163 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130
183 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 34659
82 KB
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 74501
87 KB
1 windows.net
gjstatic.blob.core.windows.net — Cisco Umbrella Rank: 178558
8 KB
1 agorahtag.tech
agorahtag.tech — Cisco Umbrella Rank: 76904
2 KB
354 68
Domain Requested by
56 www.gazetaexpress.com www.gazetaexpress.com
15 pagead2.googlesyndication.com www.gazetaexpress.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
srcdoc
tpc.googlesyndication.com
14 cdn.taboola.com www.gazetaexpress.com
cdn.taboola.com
13 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
9 sync.search.spotxchange.com 8 redirects
8 securepubads.g.doubleclick.net www.gazetaexpress.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 ads.stickyadstv.com imasdk.googleapis.com
7 sonic.impactify.media ad.impactify.io
sonic.impactify.media
7 www8.smartadserver.com www.gazetaexpress.com
imasdk.googleapis.com
7 ib.adnxs.com 2 redirects adxbid.info
cdn.projectagora-adtag-library.com
acdn.adnxs.com
6 image8.pubmatic.com 4 redirects
6 ice.360yield.com imasdk.googleapis.com
6 secure.adnxs.com imasdk.googleapis.com
6 cm.g.doubleclick.net 4 redirects eus.rubiconproject.com
6 match.adsrvr.org 3 redirects eus.rubiconproject.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 s-img.mgid.com
6 cdn.mgid.com www.gazetaexpress.com
jsc.mgid.com
5 trc.taboola.com cdn.taboola.com
5 track1.aniview.com player.aniview.com
5 contextual.media.net adxbid.info
contextual.media.net
www.gazetaexpress.com
5 serv431.com www.gazetaexpress.com
serv431.com
4 eb2.3lift.com 4 redirects
4 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 static.criteo.net adxbid.info
static.criteo.net
cdn.projectagora-adtag-library.com
4 ad.impactify.io player.aniview.com
ad.impactify.io
4 images.taboola.com
4 ups.analytics.yahoo.com 3 redirects player.aniview.com
4 script.4dex.io cdn.projectagora-adtag-library.com
script.4dex.io
4 c.mgid.com jsc.mgid.com
4 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
4 fastlane.rubiconproject.com adxbid.info
cdn.projectagora-adtag-library.com
4 adx.adform.net adxbid.info
cdn.projectagora-adtag-library.com
4 www.google-analytics.com www.gazetaexpress.com
www.google-analytics.com
4 jsc.mgid.com www.gazetaexpress.com
jsc.mgid.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 px.moatads.com
3 ad.360yield.com 2 redirects www.gazetaexpress.com
3 imasdk.googleapis.com ad.impactify.io
imasdk.googleapis.com
3 sync.1rx.io 3 redirects
3 fra1-ib.adnxs.com adxbid.info
www.gazetaexpress.com
cdn.adnxs.com
3 www.google.com www.gazetaexpress.com
tpc.googlesyndication.com
3 bidder.criteo.com adxbid.info
cdn.projectagora-adtag-library.com
3 ap.lijit.com adxbid.info
player.aniview.com
3 t.teads.tv www.gazetaexpress.com
3 a.teads.tv www.gazetaexpress.com
a.teads.tv
2 image2.pubmatic.com 2 redirects
2 u.openx.net cdn.projectagora-adtag-library.com
2 cds.taboola.com cdn.taboola.com
2 pips.taboola.com cdn.taboola.com
2 pixel.advertising.com 2 redirects
2 mug.criteo.com
2 eus.rubiconproject.com adxbid.info
eus.rubiconproject.com
2 pm.w55c.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 c1.adform.net 2 redirects
2 am-trc-events.taboola.com
2 sync.aniview.com player.aniview.com
2 projectagora-483829-hdb.adomik.com
2 s333.adxpremium.services adxbid.info
2 player.aniview.com tg1.aniview.com
player.aniview.com
2 cm.mgid.com jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 tlx.3lift.com cdn.projectagora-adtag-library.com
2 hbopenbid.pubmatic.com cdn.projectagora-adtag-library.com
2 prg.smartadserver.com cdn.projectagora-adtag-library.com
2 projectagora-d.openx.net cdn.projectagora-adtag-library.com
2 htlb.casalemedia.com cdn.projectagora-adtag-library.com
2 ads.projectagoraservices.com serv431.com
2 lg3.media.net www.gazetaexpress.com
2 www.googletagservices.com securepubads.g.doubleclick.net
ad.impactify.io
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
ad.impactify.io
2 adservice.google.de securepubads.g.doubleclick.net
2 www.facebook.com www.gazetaexpress.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 cdn.impactify.media ad.impactify.io
1 094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ssbsync-global.smartadserver.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 creative.360yield.com www.gazetaexpress.com
1 euw-ice.360yield.com ad.360yield.com
1 z.moatads.com ad.360yield.com
1 biddr.brealtime.com adxbid.info
1 pixel.quantserve.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pg.impactify.io
1 acdn.adnxs.com ad.impactify.io
1 dvr.impactify.io ad.impactify.io
1 image6.pubmatic.com ads.pubmatic.com
1 vpaid.impactify.media player.aniview.com
1 csync.loopme.me 1 redirects
1 ads.pubmatic.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 sync.targeting.unrulymedia.com 1 redirects
1 go1.aniview.com player.aniview.com
1 tg1.aniview.com cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 res-a.akamaihd.net www.gazetaexpress.com
1 hblg.media.net www.gazetaexpress.com
1 cdn.adnxs.com adxbid.info
1 warp.media.net adxbid.info
1 qsearch-a.akamaihd.net adxbid.info
1 bisko.gjirafa.com www.gazetaexpress.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de www.gazetaexpress.com
1 4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.gazetaexpress.com
1 certify.alexametrics.com www.gazetaexpress.com
1 hb.emxdgt.com adxbid.info
1 prebid-eu.creativecdn.com adxbid.info
1 aghtag.tech agorahtag.tech
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 adxbid.info www.gazetaexpress.com
1 gjstatic.blob.core.windows.net www.gazetaexpress.com
1 agorahtag.tech www.gazetaexpress.com
354 123
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-03-16 -
2023-03-16		 a year crt.sh
serv431.com
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-28 -
2022-03-28		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3		 2021-05-02 -
2022-05-01		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
paadserver.projectagora.info
R3		 2022-02-10 -
2022-05-11		 3 months crt.sh
cdn.projectagora-adtag-library.com
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.adomik.com
Amazon		 2022-02-09 -
2023-03-09		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.impactify.media
Go Daddy Secure Certificate Authority - G2		 2021-12-07 -
2022-12-05		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
improvedigital.com
Amazon		 2021-05-05 -
2022-06-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh

This page contains 41 frames:

Primary Page: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Frame ID: 9C231532889C559644C70A8AEE0B0F8C
Requests: 162 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 5B07FE4BD35D427DA15E5FDB4EC3D32B
Requests: 1 HTTP requests in this frame

Frame: https://4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3A7304079DD5E0652E43C2619AE28E47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1647862059&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647862059157&bpp=3&bdt=761&idt=217&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3775885188004&frm=20&pv=2&ga_vid=1779063154.1647862059&ga_sid=1647862059&ga_hid=1283769315&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774&oid=2&pvsid=3565077800031037&pem=468&tmod=471574597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234
Frame ID: 5C204AE11C34775CBE63C7819D0F1AD5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7gFF5WbR4Rx3Bs3rFlWVUvotVTldTAUP3uM_BRp62R_kOEAa1q2SftUDaCjpWBPXACvDg4EuHSkvxt87eXQOrusIN4kvjFVwNBjHirpseAMFA8pWqPArJDRczW8yUR4QyOTUmTcAQKyvuW-pfVPzg5pts3HuRwb2Jcs69A7FmpiIcEv86wrcuFkiJQpL3lnyf7tvxh8xpBgFvfrprwJwUeIPBZ4LHwE_13vGlDDbRdKVcQR6tPEMoskd4xcUOLZAXSVcefdAr5gEgBrUWosunv3tEExWOoAZ_vcGAaGqLDxN_N5CA9R9skHy7aKF8YI1_6Qk5RKo&sai=AMfl-YQd0QBLyyJXteW3JmReC30nvlIJgOTChxdt4hXxIFdiMTHt04aVsqnec0pa1wXJNDRiQhFgDnHVyet1JfcpFUAujwtdCaB_YEIWr6IbVfzfjJ3WnqT2fpklleyOJM4&sig=Cg0ArKJSzEk0EGY91eb4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4E1304617D25C0250F1A856FA9DD9053
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 176A2AAD6EEEE3D1F62E200C337BF4AD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 5A1424EF14CE77D283E8561A9365FA59
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 622342092DAD161E0876A07969DF1F93
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 95F6416846F45EF0B769FE9BF5CAEFD1
Requests: 1 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: 2E1EC50FB7A9691B06D7B2DF7B0D1139
Requests: 20 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=4391
Frame ID: 5665A92549E240F7D54980F2DC4BDC9F
Requests: 20 HTTP requests in this frame

Frame: data://truncated
Frame ID: 70A6D24E886203EAF1FEEBC6DF4A389E
Requests: 4 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1647862060659459943485
Frame ID: E2D8E1127CA3F19ED779A26FBB3ADC70
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Frame ID: 4D2C9BCACCA796FE5F7B0BB7BA56B33D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: E328871DD4B0594A1C1F56F60275822C
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Frame ID: F11532D49BB9C453F81837CE0375C69A
Requests: 13 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=200&key=RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
Frame ID: 83CABC9DF46CB486D8225B61D01C774B
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1647862062236-953919478774-005576-007-000170&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 81C3AE00499777307DD57AD2AAE1B7DB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D1%26key%3D
Frame ID: B31F63E98A89CF8F293BF1C6F2CE240A
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D18%26key%3D%24UID
Frame ID: F1F36A1D92F22F855561627DECD1C362
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=56&pid=59c9148628a0612da3689288&key=419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
Frame ID: 4FB6B11EC55A2138A46280DA0CFAE108
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 819E64DE127BD51CF227D60450DEE74D
Requests: 1 HTTP requests in this frame

Frame: https://ad.impactify.io/static/ad/vpaid/loader.js
Frame ID: A3F54D902DB533FDF43530F7BCF2ED7B
Requests: 2 HTTP requests in this frame

Frame: https://www8.smartadserver.com/ac?pgid=894934&insid=7517180&tmstp=113054117&out=js
Frame ID: 1649A773FAD6A92A889A371B40CC7759
Requests: 1 HTTP requests in this frame

Frame: https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Frame ID: FF59EF92195CBCDA79F73F759DE99EF9
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Frame ID: 280C2B4692CB9B58398D5CD8F18FCE9A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/npm/hls.js@latest
Frame ID: 21F4C4A49D64FED9F5BF9DC1946FB791
Requests: 16 HTTP requests in this frame

Frame: https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Frame ID: 623AC40A948F47E28F99CF717FCD18E5
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8DDE327073C3C5EBDDF0262C2D58B835
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: D2D03DB4963F7885031D428710089D0F
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13396601
Frame ID: 9EC3AD7344D70D1D606D5D537E77B95C
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 2487910B0C4A645FE29C114E58F185E4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8599B5B156A630C8CA0787269DB5894E
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Frame ID: 2A232A17629A44F5A87DB90C1978DA9E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: CA867B9F774E4430D41A7252909E445A
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 59520B50118576988017EDAED91FBAE1
Requests: 1 HTTP requests in this frame

Frame: https://094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1F22A9B9BF110A2A7FF47B873FCC03D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63FED5D788F6BBFF8A83A1523E698DB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 472CC01BED7F9B60CE273E18DAB63C6F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D71F4671706355589CF44890A4852DD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B1CFA2A4C540A576D72D8C2CBB2262D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

E gjeni dot kafshën në këtë fotografi? - Gazeta Express

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

354
Requests

94 %
HTTPS

31 %
IPv6

68
Domains

123
Subdomains

93
IPs

10
Countries

4843 kB
Transfer

12465 kB
Size

76
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 210
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D200%26key%3D%5BRX_UUID%5D&cb=1647862062364 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4048815948 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4048815948 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/fff12db2-7d02-4752-a225-ce1bafbf9fe2 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D200%26key%3DRX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=200&key=RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
Request Chain 214
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=56&pid=59c9148628a0612da3689288&key=419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
Request Chain 238
  • https://ib.adnxs.com/async_usersync_file?gdpr=0 HTTP 302
  • https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Request Chain 240
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0&__user_check__=1&sync_id=ec86c3a4-a909-11ec-98ff-1ac054420306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEGnXx8Vhs8sEsUI_Hrg2QpE&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=fff12db2-7d02-4752-a225-ce1bafbf9fe2&img=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=67be6238-612f-4700-8829-68c2920545ff&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=30&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=30&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8459&uid=1915818441526398307&img=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=14&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7577&uid=7077513668928796827&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=&_test=YjhhLwAAAt2b8AA- HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjhhLwAAAt2b8AA-&img=1&gdpr=0&gdpr_consent=&_test=YjhhLwAAAt2b8AA- HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=SPOTX&rurl=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6465%26uid%3D_wfivefivec_%26img%3D1&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=SPOTX&rurl=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6465%26uid%3D_wfivefivec_%26img%3D1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6465&uid=CTuBb02F1Nwgco5&img=1&gdpr=0&gdpr_consent=
Request Chain 254
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=720bfe3d-9977-407c-a012-b029a874e3c2
Request Chain 260
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=sb7CxnxUZGFWdGF3VFF4MWlSeG9FYmpDN2lwZnJFV2JiTHNtMWJTcmFObGhXYjRtdEYrdWw2Zjk4R0lQeWR0MkNCTVJ6WnlFY2NhTUs1T3lYQlBGTHIvMG5kNDJHejZpUVJlazZreWg2VGNGL0o2akNJL3Z2S21KR1MyalFsNkd0alZnZnZJVXR1VmEwWDBNcDVCR2crVUtiRUppem1DSkliV0Vaby9oSjI0M2M1TVpTalJwbzVGY0h6by94U3lWcWsvUTdOMXBqN1BMd0NKdDZIQi9wa0tWTnhXSm9WUVpqOUNYOU5YUHZvK2pSN3A2NWJUV0x6d1pzYnIwNS91enRuN001a0MxaFpQdjBXdFdqa09vWWQrQUpsdz09fA&cppv=2
Request Chain 269
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=7372757361876725560
Request Chain 276
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10MIUWN-1D-3B5L
Request Chain 278
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTUlVV04tMUQtM0I1TA==
Request Chain 279
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NUh1u6_rpNsI_bCNnJ29-sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1907570622096027611
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP0pTebMBhm6QmGc3Ja7gew&google_cver=1
Request Chain 282
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWIxYTNmODA2MzYyMThhYWUyOTMwNjhhOGJlNDUxMDBjMTViYWVhYg
Request Chain 283
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QkI2mqZDSfGVSmBhwoMX-A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QkI2mqZDSfGVSmBhwoMX-A
Request Chain 286
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=YJId-3xmQ2pETmx5a0NFSEhyRVhvNHluT3VXMUlEUXFyWTZRd0Vuc1NGMFQyd09pUmNoQW5kaElTWGlFcTh5QWZwUnZtMGI0NFlGWVFDVHFvLzJiQm9PRXFISHFibkVETXNodmR4VTc0QUVWYk5rQy8xUkMvV1JKK29nK2oyVUdxNVdVRXpGVlg1WlQzblVaK3NlTlFhWGttdU5NM2hRbEQzZjVKNEd6VzF6Tm90TVhreVNodFEvNzcvbGlzL0k4WDhHWExWS2MzcFRSWWdzSjhPdVVDNGhrMzFUTDQvdmo3OGxNYThjOXp6Ky9TOHVSZml2bFQ1c3kwdHlaV0oxZWVwU1NFdldKZDArTWx3dG1HZmRWZXdvOWtaUT09fA&cppv=2
Request Chain 290
  • https://ups.analytics.yahoo.com/ups/58539/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58539/occ?gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-kcYAmUNE2uG5RJDE6fD7VySI.0kQN5DKcFVg4H4-~A&gdpr=0&gdpr_consent=
Request Chain 292
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPecef7b3f-a909-11ec-b5ae-065f72b997e2 HTTP 302
  • https://sonic.impactify.media/setuid?bidder=verizon&uid=y-LO6GMQdE2uJ2tGPz4d2jQlSzNpBRAjn1~A~UPecef7b3f-a909-11ec-b5ae-065f72b997e2
Request Chain 299
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7972238201079767659
Request Chain 335
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 337
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU4MUVDMzYtODAyNC00MzdFLUE5NjItRkRGRTVBMzkwMjM3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 339
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDdEMjE0RUEtQ0EyMC00RUE0LTgwMTQtQTNDM0U4MTU1RDFF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 340
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

354 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/ 		42 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1226d853fbe4af06d354b96d46321b15e35344265b5fb422424614c085db52bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-pingback
https://www.gazetaexpress.com/xmlrpc.php
link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/" <https://www.gazetaexpress.com/?p=1455516>; rel=shortlink
x-elasticpress-query
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3RRbKopFdN%2BIFuf9oEmtTa7D8vvxCJqNg8TtXfanzSlo9I5w0lKUAxV3vwKPah2QRj7fflGy085Vxcw6Aszokx2MeWK%2BNNCoWjczQmkH435EAc62huddGkQcbnJqPPv3PoMt7gnlmU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ef656ebeac776e4-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
www.gazetaexpress.com/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842825
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MM0PT8CEBND07F9P
x-amz-id-2
8Zzf8BN9g14lSDVD9uMI/Vm4o2DgEsZS6YClcZq+/iDsYAD+9pvhj+FYn7rpEVXPngGe+nyTqBA=
last-modified
Tue, 10 Nov 2020 13:59:35 GMT
server
cloudflare
etag
W/"b61e1b8cbc26b381f84b9fe75d6bd20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vASjsg1BwpiK1sOW%2BgO6uY1To0t1ppAR0%2BzwoZ6FBBoSfAyltU0NovBOn%2BH7ft1fLeIjJAd8dbmz6YMQxlpbBgkXfeEyA1XcfnkeCPKg8UKq1sCouk%2FCrukLzdZk3YimIE7L5rdkcto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EbY_Qr2u_RqkzHBQ7tezB1tU2A4mETa.
cf-ray
6ef656ed8cf676e4-LHR
tag
a.teads.tv/page/76285/ 		787 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9800465cae64bdf8617aaca614fe37e565cf5b9e577daedd111816175e406b04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
489
expires
Mon, 21 Mar 2022 12:27:39 GMT
gazetaexpress.com.js
agorahtag.tech/c/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://agorahtag.tech/c/gazetaexpress.com.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
cf-ray
6ef656efaa1d91d1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1538
x-amz-id-2
eu1bbDxEQbdJNJcx8ZSPy2nQIYxlTghBUXLyrqN1U4kuJ2v3cG4y4yQp+qfQNWr2Ah2jY1j6EBc=
last-modified
Fri, 18 Mar 2022 10:50:38 GMT
server
cloudflare
etag
"9a03cc3598f1fbece481220c80dd2575"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ixu1j2mV6JHDRdSt%2BAI83oTUr91gasdv2cz5bTkLvco1lOX%2ByYjTmDRPi40hX%2B9rrOoqLWd7%2F6fu8C%2FkE3sTAw3T9DIe01ltm8HxVVwzsOZyy2gBppKiFSUuCRxLZ%2BInIGkrDiHkES%2FDz64HA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
99MRX5NZBV1ATPET
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7886da0394555f9f3eb5ca9929b622851c24c9667e3ab4b2fd26e5d9cfd3566b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54627
x-xss-protection
0
server
cafe
etag
1861582221602626919
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 11:27:39 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 21 Mar 2022 11:27:38 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AkdWFmz3+ZBD6nME4CH9VA==
ETag
0x8D8DC207C714D5F
Content-Type
application/javascript
x-ms-request-id
006ec67a-401e-0098-1016-3d0ad8000000
x-ms-version
2009-09-19
Content-Length
7361
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
sffe /
Resource Hash
d5c3ebcc76d438ea9300125bc48b3ab645d644a3634a7119034fb6867561cf23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27846
x-xss-protection
0
server
sffe
etag
"1164 / 403 of 1000 / last-modified: 1647852077"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:27:39 GMT
gazetaexpress.js
adxbid.info/ 		285 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/gazetaexpress.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0097a5999a246f3f5e0db4d07c0b8d4caeab7caf8b27a6c832e0469e17a8a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 14:09:44 GMT
server
cloudflare
age
449
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXl5%2FyL%2FOWZhcxWceZEKx4blDwLt%2BkdelDF4UMYw1uYNFhKeg96RGdzTjufpPGUXJ47DzMLFQg%2FygqIXe9d5TiHyaRL%2BOYLbqv8uPoakyCMtcdpUH1KgMZR%2BIoGz5h3oZVxh7i4LjGl7AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656ef99dd8fe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842825
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edRH8Ovu1oONtk8wHw7qA%2FVMhonxdrET1UGluECl11uQdKjbrtxCygX4fNO3MqcbRuvE9TBYrMZ4hKMJukXfHtjxKlxxR8uhpfVn7ThQiQW0h%2FkCssllOvwsa%2BjwcKfSxq%2FGyeDVxnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0476e4-LHR
expires
Sat, 26 Feb 2022 11:23:01 GMT
related-posts-block-styles.min.css
www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/ 		284 B
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.5.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842825
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 07 Nov 2020 00:47:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgiIkrQdmGHvPTncsyyOkNaHgN62yRqbT9VYbEglVxnK3XmJpl3TxZdSb%2Fqimp6v%2BbVZbXl%2FZccuMMboIeZvsQTD4lEmbpJ2N6CkBo0218T0hvNb5ReF8QfdRzhUSGvMMGcYnB55Yw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0776e4-LHR
expires
Wed, 16 Feb 2022 01:40:46 GMT
blocks.style.build.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842825
cf-polished
origSize=27723
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7Te111bdz%2BGoXSg2WJ%2BUTSoajOisSIlISTk5leCQW0eCLTBVNZWqOv%2FOAfcOzzFQEwBU9JDtJDGYzC1ooJvLYVVHjJwi3HIzQFtZ8C5L5a24alpiKTiAVI5qetpbAk0o5oUWPknBmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0976e4-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
style.css
www.gazetaexpress.com/wp-content/themes/express6/ 		104 B
404 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/style.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842825
cf-polished
origSize=112
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 06 Jul 2020 07:49:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7dy9qgrXtvVuSSF92FsHh8ySq1iSQ0wqlGZoa4ak3Ox%2Bam3uliwQd4CTApwA9Su0IPe4WTqevEdnM1EzRZfmyZG0GtkIKSE%2Bp%2FakCbZJw%2FqlTeE7wnauLDcIeiJxL8myrTwiQOOhNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0a76e4-LHR
expires
Sat, 26 Feb 2022 13:43:57 GMT
mainStyle.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842800
cf-polished
origSize=67115
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 03 Mar 2021 17:56:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkWqvuL90bjoXNQmh%2F0jfZfwNv3R%2FXk0R8qOsuHj15UEg3lcVLTZ23jIuR%2BlGecL37USCwtUzmTdUsACVS5OezmlZYcwkOu7dQZufQzrTyyPsXNtOvoTEO%2F3wlaGu2bW38fp5pXE%2BNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0c76e4-LHR
expires
Sat, 26 Feb 2022 11:23:01 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/express6/assets/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/bootstrap.min.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842854
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzUOilhuPlAHO1LO01mr2cDEF%2Bf8Voa8vJ5rOmgGpBlcepDrGnYzaRuIzKBIfOXnRpKc2DtQRujvkP7piFQazE5OuwSfLFxUyUeWF%2F%2B0QVbG8p4LyMcOeGYWfoQliCqsSfBJZPnXMmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0d76e4-LHR
expires
Sat, 26 Feb 2022 11:23:01 GMT
owl.carousel.css
www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/OwlCarousel/dist/assets/owl.carousel.css?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842812
cf-polished
origSize=4744
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTvpOk6yCAzGzf1Oage5DphIzVHvmJ7WrrCerN8edkb3SjSBY1GXzcZ0c0l8JZU4NUfDffNHgacGCVxsoFJu4diAikxwSpncSNplNOZp%2F3TdVc5jxgZI4kQwSAFdDTk2p75eLgCfrP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0e76e4-LHR
expires
Sat, 26 Feb 2022 12:30:45 GMT
wp-featherlight.min.css
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW1gk%2BHaQJCb58vsM2GXrJtp8zF0Kyi50hLaPVto8aiw7IAcinwym6xB1BWkz3vdUHm38vNDRjkwDQ2Yx2tDfI1HyNrPXV1%2FnN8w7UtXa4VVTOMZcp7KPZ7BAOI2ucAx0jUqX2QWY48%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d0f76e4-LHR
expires
Sat, 26 Feb 2022 04:01:58 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842854
cf-polished
origSize=96873
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6TezNEMfrm6Wk6goI%2B6lslWuCHnnT1tTpReFgJBfUxl3jOnmcTI36di%2FLesLz6%2FrJ1b0oQP5Q917h1df2zQdIyD2l5LQZAPRMk0wqNFf4LH7uQOc2kdhTXEnKzHZC9lYLZBwYbF2EQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656ed9d1076e4-LHR
expires
Sat, 26 Feb 2022 12:33:53 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ijZn07bfwdKo0oCzj5tifzJRpAHo8MMn69jyQFs3srbVjeDE71Y8CHWeXBo31xJl3NVPMjeU82WnqbKvcchZLEQi76mYTtHlMHeEu248WIppUsRbkXytlitufouAYqwWKny1hmzj%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656edad1e76e4-LHR
expires
Sat, 26 Feb 2022 09:34:28 GMT
invisible.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647860400
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d72b87c82e8ab01c28ba5ae062e262989024409e634633148d33e0a3da4195

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFiiMhrUIekyr%2BB6r0XqT6eVeSurme%2BIXaP4%2B%2BoDWSo%2FGz3Wl0NZ3Lrzh4Mr39sRQ6wOXcU2FDmuAwCIHfdM%2B6BdIqwx1YQ3GkcQMO5MrVlYDFTfNNhJYcNzTI5Q6SWluAAy2g8lRqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ef656ef6cc106d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
express_logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/express_logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jHVmGJ5ggZTDouzk6K4I0I2EegG9Xv6r7j6GBZTeKmq%2BRZb6UOdyoeON2y0tElGQwe8RQMdeSQv49dk6gtLcbXiqYIM0z0kGMek%2Bb5jN%2BzvkJBchZPBrvLwh9m5NsilMY1DYDY%2FWYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cc306d1-LHR
expires
Wed, 16 Feb 2022 09:09:34 GMT
world.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/world.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm8DYfkkPsDCpXXx0WcFhPopUUsrTsSTqr1Otxjn%2FkoUUpFjmhAZulfXROtNjZ%2FQ3FxZ1UUBq7nhAQX9o2sRHYwWIRB9uVoNtTcwqBj8k6mi2orcovBI7jCSa1sA3wqztFWLUtkYBhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cca06d1-LHR
expires
Wed, 16 Feb 2022 09:22:47 GMT
noun_live.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/noun_live.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXX%2FgNW9kBjUBayn84LAkqWGgkxpb%2FauKyDqgRjFfpc%2FQPbthEu5yyNDkCCCffr0qnd0bRqEEM%2FHv4iZKJEgCVdgoYXeMxaE%2BkzHT3XkCOvQT9cxUCb1wLcT62eq4SlLPElF59%2BxN4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cce06d1-LHR
expires
Wed, 16 Feb 2022 10:23:55 GMT
search.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		509 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/search.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJU1Ii95aODWWt7oyzvpOtd%2BjBC3XPXU4Kq1ApSpu%2BMS2AL7yRittTwutbJx%2BiTll2W%2BcPAHj7GME%2BWeWowlf1JwjhwN8APSBy94BfKKnTYJXJzXkOO4TQKxMnCRcGru7sYaVPHs6Lc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cd006d1-LHR
expires
Wed, 16 Feb 2022 07:51:44 GMT
youtubevideo_icon.png
www.gazetaexpress.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/youtubevideo_icon.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 21:40:59 GMT
server
cloudflare
age
2842913
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKK3EMtPfNhsTEtz52yNpf7Mcyd1JcE73NevSGUoSdinYmOE5LG62rTbKtWHyr8prYTxyMiAarMTkra4B8nwGYkSOcSs04MF%2BL5mbMWecofCb80CrJTV9EqKeJxDNW9PyJIAy%2BJABsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656ef6cd106d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Feb 2022 02:06:19 GMT
express-logo-author-96x96.png
www.gazetaexpress.com/wp-content/uploads/2019/03/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/03/express-logo-author-96x96.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed7d434cc3f89a09a5fb5385a44b646a302cc0e7f4a09f84f55dfeb14d1f100

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842754
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 12 Mar 2019 00:28:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dwc0n7dOGf7uZWJ0UtbmZA7MOICqNHgxig7ciobyu2XH3cVyL%2BA3j7KZchMBw9o9iFRqmrJ4fFtNWquxCl%2BrrqiRy8SzGFnTNy5GCI9UKxWhVUk6cq8UF7UIOl5OFLbLaylFSYWGlq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cd206d1-LHR
expires
Wed, 16 Feb 2022 13:44:00 GMT
Screenshot_3-17-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/Screenshot_3-17-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4deadc83c53fb31109d3c06d5598b236d4d0f1fb8b0908c9dc482da9803ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93529
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sun, 20 Mar 2022 09:28:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIzR%2BQ0gtf4pR6%2F3ba5vgCF%2FF8Ita0q2zd33yVDq89Vbjm1INnlC%2FK4gE12aNVGGSx5yFxPj6TkUO2lVPsEKgKAYvl1sgtpv3QjaSzt9cmF5zbRI%2BwCj2nY9EfEaaqKmWBDPbVd8d20%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cd306d1-LHR
expires
Sun, 20 Mar 2022 09:28:32 GMT
fotografia-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/fotografia-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2081dfb8191bbab57d1e8ebbe360b7d1f0ea2f34010003518679e2dbeecdf974

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Mar 2022 00:11:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rkr9BkA676Of8yAZeLSecQDBw3RUI%2BrofbGnz7YR7DXB0CPs71kXeB8YzXj9ZilrwaK7E5l9XHzHPsuGW4LO4JV3jWXpltNTO1DuhizGtSbjWbEjDY7h%2F6LCwePBDF3wYmcT7DqxJcE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656ef6cd406d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Mar 2022 11:27:39 GMT
gazetaexpress.com.1190148.js
jsc.mgid.com/g/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1c98b585058c74ff3f6a841129f139d9788d8c73b1a54a030189fbe83620bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
age
4359
last-modified
Thu, 03 Mar 2022 13:56:46 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
82C3PPAD0XG76YSA
x-amz-id-2
hMJSJ3YeW8hDASuM2sQiu8Bksjt/QFUJ2mFsOLSR4/qVk+FliWRbidoHw3RluMBFXIm3t8Sevf8=
cf-bgj
minify
server
cloudflare
etag
W/"849a0fe3d44ab9719253b5a9421fc496"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ef656efaa8e926b-FRA
expires
Mon, 21 Mar 2022 14:27:39 GMT
fotografia-1.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/fotografia-1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
797bf07d2fc55e1e3f24b53da7c753b087e7bd7838dbdf404844f92afe29d33d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Mar 2022 00:11:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm9S1r8puF8aR4K4DaaIyLEI68JePhjKimzQ3bso%2FuQ%2F7zUgPMXjsDkcua9USZwWNdxxfGY7bTKtAV0gkoWYDnBbPH%2FqkhR54OBO6YL2KNM%2FyR0HBDNmpwr7cDHkrvwYjdhGA4BBMIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656ef6cd506d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Mar 2022 11:27:39 GMT
fotografia-2.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/fotografia-2.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f316916dad90f198dd2cdd847f6a0d7363027768049652afb7b80f35ac5c9ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Mar 2022 00:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RT3XlFN7kGAiqwtiUw03Xif3FjAeIff3ob433NXPtMqE%2FYKia46yPgdPSi0r1MsPJS%2F2pYU36A8oNBMIeLGPXQezKSnO7Bqg%2FjNiwNHppUN0OZOm5y9tv4CDp%2FlJdZc8kaL7c5p25FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656ef6cd806d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Mar 2022 11:27:39 GMT
facebook-logo-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		644 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8dc1681c0451d8590af4d2d08b7b16e4f6edf197f805929d6a85a2be1b622c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CuWGEiq802IYEGd7wDeOtfb%2BbtqYp3CdLWw1DtYn%2BefdGemC2dmPjH5wbQq5rpSkpqOtTL3zXmbL6heCEqFlbxvifrmgLUZIc2n8njUuIwgCa0nXKWoNQwvwMK%2BJ4%2BTDnIqS3GHlU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cda06d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
twitter-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc16bf1238724eedd1638bf0937b691bb01d08e585ac5e1db274acb47147c5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dii%2F4AMeUSHnQo7ud0E%2FSUeKJzcUO78IVYDDRAG2X80V0%2FZESZTwTeJZt3OwrZWRh0p3iKklUpGdNTH0YbmRRg%2B0zB2bMgcCJcSFf40cHsCvc1sTNKALJJpg4Oy3tsiFMN4GZTcMpmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6ce006d1-LHR
expires
Wed, 16 Feb 2022 09:22:50 GMT
google-plus-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1016 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/google-plus-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d5dd78af31fedc394fc1576004d11f96384907eaffd5260382daeefe8dccb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itPv353o6QOva8XbMAs0L4EPMEf8QNMpmBzKvcT229LkVLD9KyOa5176OZhBI7F85u8cyyCMeQetWNGeJuRQRqzhQalUUouwb4iERJ0hx8k%2F7jzsUclZrqkeLjUKDsFuxoAvvwkAPc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6ce506d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
whatsapp-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		897 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/whatsapp-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b562cee19c4ff0e74eeb29a0b4f4013644c02f0cbc6ebf9f22a434cd527807

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By1AoDtKiSz1wWQk0ZHy4zlaY2DN3SBOuRlH%2Fix%2F4kBvUJRqv6AsgSzMS%2BS9O5yZJi7HfaCzc%2Bldikw12NFXsPHYmyElBrX9Z106DX6vPleU2%2F17NT1eCJBkYY74iJj%2BR16FF0liNfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6ce806d1-LHR
expires
Wed, 16 Feb 2022 08:17:47 GMT
viber-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/viber-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ede5c007b843287b8ffd0c398af54969710362e87a04e571f5e140ef2a35ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClwGcgFr5c10EsaEBSYgn%2B5itXzK5aNk%2FcwxVzqDD367qDE6qwksU7MKSJQs3gzEhSmudkPUmD9GLmyP4MNxZaBfpB3fPybzscSjGhBKZI%2BjzQOefSeWJjDzVBbE6PnOS2NZtpbubhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6ce906d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
email-c.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/email-c.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbb9be7acdac8ad96d8419b8eb4e7120b05295a42d3c50919370d1fc83547dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqSHX2DXUVagZMLO9jH950s%2BupqNJvSE1b0lMoAxs7kU42Rfha4yEnjgUjDPwU%2BK1Kyha%2BkbbmLIyvvlA39I3OUrVofKeejJQ%2BK8iRe%2F6p2Cc5ngwGAFg%2BwJ3jtjUi7GBq2KqNDLBp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6ced06d1-LHR
expires
Wed, 16 Feb 2022 10:19:02 GMT
email-decode.min.js
www.gazetaexpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 12:28:09 GMT
server
cloudflare
etag
W/"62332959-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce517mleUqr4h3iByWZ0%2Bq%2F2O0yVF0oNcwqJLi68sjMB1gyF5RDEhRfCrDrZEgi1ozXpW8kCFVbVswXJzHSC0Y3hCVAOHP1hccTptsCHII3CBqdg8YqgqIl4Bv8ngR%2F8SaGj26SRjB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656edead306d1-LHR
vary
Accept-Encoding
expires
Wed, 23 Mar 2022 11:27:39 GMT
0a3b5987.js
serv431.com/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv431.com/0a3b5987.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
68af5a6a7edf22605e596cf869c1b11c44d23efa73926e035b3cd0ce393e842d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"06e363ca817f1b623736435c4962cd923"
vary
Accept-Encoding
content-type
application/javascript
gazetaexpress.com.1002277.js
jsc.mgid.com/g/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30ed3586a10b8fa94e663755b7cffcfe52724ce775d8c2b576e42e152f29123

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
age
6541
last-modified
Tue, 15 Mar 2022 11:03:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7W4KTJMBXPRJX20H
x-amz-id-2
qDXyCTmbypw8Kv4CEFuSAHDaqahTJVqPOj5vCquEGby+vgm+wtShyXqMlYkqSgf83Ntuhh25Ges=
cf-bgj
minify
server
cloudflare
etag
W/"6bbe8fe2a590a92b7d4c1e5536c4250a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ef656efaa90926b-FRA
expires
Mon, 21 Mar 2022 14:27:39 GMT
640-0-614a249de90c6-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/640-0-614a249de90c6-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84e1506c7ff3c439e323e7edbc44eb4a22db6ece5a1977c16162f7691e2ab0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 21 Mar 2022 11:23:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvL3pX%2Ffq%2Bt4sme7BJpqY%2FOOraA388LDGz43XEqkXr3M2RifzclSpG0pGZWlul4q3k0IJzqrpU89VvHZZytdrfttpFxEQvzZtDXnkz%2FxQYix4q8RLh9sRmal%2FxyzK159NDnMb9LYCXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cef06d1-LHR
expires
Mon, 21 Mar 2022 11:24:16 GMT
3583381f-8959-4a42-a2b7-2ccf17d121c3-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/3583381f-8959-4a42-a2b7-2ccf17d121c3-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7b3b636537acb37a809f994c0248b60ada03bbf85fc42eedd74033e859a056

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
241
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 21 Mar 2022 11:23:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu7m72sKd6MvBcDHuZ1P5RfQmYb%2F5%2BZI0P8PSioddXVEdiW0iHevO%2BjOvBuGk5RKFd7cqL%2FFTW7rXtSDzfGl%2BOiZozEzytxVMQBZRoYV0raFX34ew8EE9Gz13bWj4aHjv9tBjHmDjVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cf206d1-LHR
expires
Mon, 21 Mar 2022 11:23:32 GMT
kuvendi-i-kosoves-i-zbrazet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2021/12/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2021/12/kuvendi-i-kosoves-i-zbrazet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abad835a03a439b98f0e6af24ef9d2db7be144f266dbbe2f1c9b31c683baf6a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
403
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Wed, 08 Dec 2021 13:04:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ7qYcu1i7j0Tw5J3LkaTaAj8iFhcC2vX%2FxJQFprFbZbuEVzwHkA6nuy9okcLc3g2FdpN91AsZL4udqcfcPoSV97%2BYdAPgGaC30tYFim3DRek8kdxAiM64vyDNxfPkUJFuPPJtzcvhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cf306d1-LHR
expires
Mon, 21 Mar 2022 10:52:39 GMT
dad525c2-720c-4785-a9dc-0b72f6d0b9a0-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/dad525c2-720c-4785-a9dc-0b72f6d0b9a0-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d4ccabfd7718a0c48ad7f1280cbc2d01a5f5a743cb6bc251031e290d118f65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
675
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 21 Mar 2022 11:15:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sWysDfRzMrxm9GJwtBJWH8WhL%2BWxE5HKGfDDWKtP%2BcIGTqkSqTGskqf488p4xHgL3q8X0kB24TO%2FVN%2BDuu6aI6%2FI6s6qyPFzl8%2FWIFDg3EYNKkMX8ZejGKubGpzT8eC%2BrZ7ko8Kpt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cf406d1-LHR
expires
Mon, 21 Mar 2022 11:15:42 GMT
Perputhen-600x360.png
www.gazetaexpress.com/wp-content/uploads/2022/03/ 		324 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2022/03/Perputhen-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d248bdf6a427b0b80c2681a3499f346c03af7421b9513ac81b30200506ca2c1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
968
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
332146
pragma
public, public
last-modified
Mon, 21 Mar 2022 08:37:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AkSGnw8KC5cEOLYJnHkRp2OdFHNB6%2FdcJRe3wbBEltOYuIpz8PPflFJZWE3B%2BjY%2F3k1hoy307M6qE4bvRQL3eblgE%2FaEndf059RUaqzdfXtBsOGGl0ya%2BHGOp9Y9bMe7e7C7J69F9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656ef6cf506d1-LHR
expires
Thu, 31 Mar 2022 11:11:04 GMT
gazeta-express.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/gazeta-express.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzROdp4ZQl2sR8bHkQPcAjQ4veeHD0%2Bu7HdmOA%2BOqVc2OKyIuiKAy%2BHcFN0pIh0hI%2BmTqZHSDOk0x91oJ%2BheMVl2NHZQgGBG%2Fz58TRxBggffKaZrHspgJ5xtPVx4rMrZWVPGaCTPhUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cf606d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
facebook-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		604 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/facebook-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zDl1xyfOasjnxUBQHCITiTq8ztWXQgUVEJgwkRyJCY2U5RZJTUzGiokTrqTO7f0lfzyLQKj5SodaH1vIVqIxNoMbjw8Acg1448GII%2BBKQDO%2FGZPVNXFZkIIjwPo1PLP0QvgqjygVLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cf706d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
twitter-logo-silhouette.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		850 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/twitter-logo-silhouette.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StCA1IbNRGKNCN3YtpdMrr%2BAkkFvyfdVb4EwgiC3TfB%2FQs8YBDSD21TxHCRXpyaSWfI9pGdTjatTErYK3rcRjZGIsgmSB2Z3sA%2B6t%2B5YJH8kX6v3676HVgT9sruGbsdKEBu2rI%2BwLdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cf806d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
instagram-logo.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		1007 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/instagram-logo.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkS0nv7S9DDqshBEGIctc%2FuzH8rMTxMSyNdKN3SSNn1ITYcVo27WnhqXOdFZ8ydB0cyDH2GuPD9JU08L83%2Fsx3njtTYWN9W9Lqa%2FLYESoE3t1AuZOkd7X7CkAF%2FECmulDCdsHTorUtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cfa06d1-LHR
expires
Wed, 16 Feb 2022 09:22:50 GMT
youtube-symbol.svg
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		612 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/youtube-symbol.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7hBgDXnnr67rZAcv1ffWB8JsFIE6uYHkHMXKkEmkdpQbWdlYUkYdTokqwKOV5Kvwyq6zQS%2FvxANWYW8O%2BZoPI87TWXEmCn6SodV7%2BgE5bH9vnF6lfYe5SSIr5WJr%2BW8sB6kxhsXpew%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cfc06d1-LHR
expires
Wed, 16 Feb 2022 09:22:50 GMT
logo-shkabaj.png
www.gazetaexpress.com/wp-content/themes/express6/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/img/logo-shkabaj.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public, public
date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
age
2842913
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzHPmi3sUGNc6E7CjXAp%2F3q%2FeEkk8AHe3rRDv8Q%2FOhbpLTqoPh9OV%2FWR4lbF7pBCIKmU5J3IB%2B569Atl4IQ4REkRg%2BlKPm8sYbc0YGQhlo7fAFxJYhzssaGCdIHqrWaOXvvwE0rffJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef656ef6cfd06d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Feb 2022 11:23:01 GMT
owl.carousel.min.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/owl.carousel.min.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YS5IpGImRK8nBMGRXFjBqNkOH0Grsb4WehXCKQx12jdhLnIxvgtAEE0WBSB4H4yJda1sOhZkAVbH1uALuHEnw6%2FZBUg%2B0R2g6sSgf%2F0nMUWD%2FWoiPzQ%2Bg%2Fy%2Fft%2FacAvoiZZq6oEbnlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656ee1aef06d1-LHR
expires
Sat, 26 Feb 2022 04:11:40 GMT
main.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/main.js?v=1.0.9
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842915
cf-polished
origSize=11722
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 24 Jul 2021 10:24:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIN4JiBRJcK0xvCI8lnG%2BZRnbB7ppVgtyf3HV7om4GxRvsa%2BGcNk%2Bs0IB0aIcO%2BO1P88GWzX0gl3NDAh7%2FaM5H%2Bo%2B5RQOa0qp5yYDeZDfLpcYcX8iVpHrD3OWrGYWtLdkNbqX0xVWoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656ee5b4c06d1-LHR
expires
Sat, 26 Feb 2022 11:23:01 GMT
bundle.js
www.gazetaexpress.com/wp-content/themes/express6/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/js/bundle.js?v=1.0.5
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
cf-polished
origSize=3713
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Mon, 16 Mar 2020 11:55:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojyt68ID8gXdTbNkClCFgB8IK8fjcENNKEfRQeeyirGxYrBgC4eemntDfp46tIyPnsG3FORweAKA8QRdfyIrK3KUOjPXufNmTGz%2Fu4boFUV8PGzJpoVCY5%2FHWixfr94fIFGmmFnWAw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656ee8b8106d1-LHR
expires
Sat, 26 Feb 2022 09:49:08 GMT
mpp-frontend.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.10
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
cf-polished
origSize=331
x-cache-status
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:34:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uNVq1iR%2F%2F%2FTkWxsmTw18BkL%2FdWSXf1jAawkNFTkU7nlcvVC3JfE2ULS8g8B45toUivQYm3sWOJDe3BQXQQ%2F2sjR8XzE%2BYw9bm7W7Cc%2FWKJE0ygDvMX7xBKUk2e7fPqqQKhX5yowvVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656eebbc606d1-LHR
expires
Wed, 16 Feb 2022 11:23:02 GMT
wpFeatherlight.pkgd.min.js
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0sqcypUU3tRYAzKWgMLbxF65sdpXP3s1fMHMaXXLzc1ApG3S5InNVKgrMZlmoTjXYrEvm4URzRcxoQ2sDWbqaBy%2F2CsvWit70%2FlsjfOZCEwGuOYrChHA3Xe%2BwsRKm%2BOn1JhnKrGlHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656eefc1506d1-LHR
expires
Sat, 26 Feb 2022 09:21:50 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qCE2WMApWv%2BVWf4TgBlyl%2F%2BZVjBuKeSCE2sYq3tN28HAmIO29asZtED4RxfSn%2FfKABNC5rSbtsa%2FLSv8i6xhnMebhzAaRXV9h9%2F3eXsmJaqATEIQ6dgXEo%2BIWsHpeN1Bc4hhkgH2AA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656ef1c3406d1-LHR
expires
Sat, 26 Feb 2022 09:22:45 GMT
U-7Baa56EnJJkA-3VT33cT_3HbI.js
www.gazetaexpress.com/cdn-cgi/apps/body/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/apps/body/U-7Baa56EnJJkA-3VT33cT_3HbI.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/apps/head/y7fSIC-Nar-PQDdmdwDlbGcPmlk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842990
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
55BSPTSGYRDG72PD
x-amz-id-2
6gVhWf9+0Tkz8ZqomfrKKBSjHJGDDaWdSaBk5mt3mnvJdasQOTwM44wmE9gJ1T6882MhdD94SVs=
last-modified
Tue, 10 Nov 2020 13:59:34 GMT
server
cloudflare
etag
W/"a48224d294929710ccf63815c082d82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RimSO1rFxjnMA%2FVHW40usT6jfIxPWXZFgGoTLTvWMbZ5AskOczUJde6MZTvTuJijkvJpo7Js7w1p%2BdF52V4%2BcTbNCe5lmE0F95yTgQk1Q2v9jY1ao22GFiyHBzULzrDUABUR2%2Fzjvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
OdY.zUSDblunDdofCPVQz2xapN1Ewriy
cf-ray
6ef656ef6cfe06d1-LHR
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4973
date
Mon, 21 Mar 2022 10:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 21 Mar 2022 12:04:46 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.111.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-111-31.osl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 05 Mar 2022 07:54:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
1395213
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
OSL50-P1
X-Amz-Cf-Id
3nn11zRNE8eCKRb7eCsBAzacUk2IUPp6MwezsticdbFT0n0O9Lw9sw==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
hsafMvvx4thCK3AWHwfgoXsdDa4BIIko9Uo5ElDNrr6pbVUKVbTXOvzOJ5MW4kSwNV58Y93AdTC97kk4OaiRbw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 21 Mar 2022 11:27:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/mediaworks/ 		167 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/mediaworks/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Wkc_rZlNQmNTCKBRxLriGeFlsoO3vY.7
content-encoding
gzip
etag
"0215be18ff91f9f8cf1f87561475194c"
age
55
x-cache
HIT
content-length
23804
x-amz-id-2
4jG7Chbmbu99n4OBg9mnQ91+eAQrOuT0w3kbwoXmHUepO5g0KrT+Hg/gw8Qf2YaS2Q79SDfDzEo=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 09 Feb 2021 14:13:22 GMT
server
AmazonS3
x-timer
S1647862059.480964,VS0,VE1
date
Mon, 21 Mar 2022 11:27:39 GMT
vary
Accept-Encoding
x-amz-request-id
9C5TJCXTW9V9Q9S6
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
35
x-cache-hits
1
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c43bd887b1cdd61c63fc5d4545fe3e068b07863263ade81288070ad128f69bf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
last-modified
Mon, 21 Mar 2022 11:05:38 GMT
x-amz-request-id
A9TWDJERCKKRZQ5W
etag
"a2ca5c3923c05fe8ddb808d2aba76e49"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
3
accept-ranges
bytes
content-length
134128
x-amz-id-2
9hnBsJ1rw6P0ljLeFzNRHE3MlQOtmSzda7A4UZBkm436XVQUbXTK8H3mltdtDVTImxfdt0Yb8Bg=
expires
Mon, 21 Mar 2022 11:57:39 GMT
wp-emoji-release.min.js
www.gazetaexpress.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2842913
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public, public
last-modified
Sat, 22 Feb 2020 23:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygAZQ8%2FuTCQCDMbSUX3Z1BH9z%2F1z1WT2OtXdd8gCPd%2FXNh85Jy%2B24aKnQcgF1nm1L8TppC5b7dALUMZPW9rhTABOReQmW8qUury5NoLsk6kNwREh39CKabuiezWKcwU2DXU2vzAF194%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6ef656ef6cff06d1-LHR
expires
Wed, 16 Feb 2022 04:10:53 GMT
Raleway-Bold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Bold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee01bd79e58c77dc4276a96fa5dcbe396c024538353c216894c5d6abcf2b6e1

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66240
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yxl2rt3vKhTxNOn%2BB3iDQEYMq5SneBfyAsXe4vW4oOKurf%2F0biiqNWN61xkD%2BpU%2FlVR0ZxqJHbxt11bNhgXDs0hNfjb9%2FdN5428VbNMiVrHU4VDLmw9F6PtN30bnBghAxYNq77VRRKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656ef8d0e06d1-LHR
expires
Wed, 12 May 2021 08:31:18 GMT
Raleway-Regular.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Regular.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65692
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKJ4kavhzPCZEUo0Mf5ld3t61ki68PpvHFJC9HpCuwiCESNcOf3QpT7%2BJl6zJgC7Sn9%2Bps1Q9C4yRVhnYqEio5f0Ch7nfPByX2ZxDjLPfA2IGftemVTs%2BSp%2Foe0hz2K622%2BpHUQmv9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656ef8d0f06d1-LHR
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Medium.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Medium.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65280
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOdYvgTVnKSUyRusOmSQg1ANCfowgCYgqRBQovlXYxCXx9CksFTXyb7QdIeqjAvtgg4ScF0hAIJ5%2Bz6XJ2f5UO18%2FBvfY0QcPVmdT4fuSghDggZm0ZXZVGQn8CPszDoRmriWxkcEgrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656ef8d1006d1-LHR
expires
Wed, 12 May 2021 08:31:20 GMT
Raleway-SemiBold.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-SemiBold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66524
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZbqYK2eEL72Rou4OrejHj4RUIkqrVUvDTfaL2jJN7GddGm4tHSUSQP8UxpocdDiS%2F65DO1gwW3zaHWxPNqDO5JuhLzXj7njXGAv%2BUNEMkZqDFMijivJgkYYv%2BnjPM0xipHHdJ3f%2FGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656ef8d1106d1-LHR
expires
Wed, 12 May 2021 08:32:13 GMT
Raleway-Black.woff
www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/express6/assets/fonts/Raleway-Black.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/express6/assets/css/mainStyle.css?v=1.0.34&ver=5.3.2
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64872
pragma
public
last-modified
Tue, 10 Mar 2020 14:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BT1PO4xxL73WYrpQ6C4HRQ8fj2HBygrQA161g1%2B7rejJVEigQ2TBe6rJ8MdqJ%2BmJUI%2F0cKaMs98WHKFxQWt9BhMq5NH9xmA2KfTMXQwS0UCoSTHFkLWJsB%2FrYYWDg5rwFhvKatWQ7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656efad3f06d1-LHR
expires
Wed, 12 May 2021 08:32:13 GMT
260200548443713
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260200548443713?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5bfc9d681398233b7ea9d711c1c7c13bfff2e0333451c4d2bad846fc8ccd73d6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89119
x-xss-protection
0
pragma
public
x-fb-debug
7AM9kfgEoR5jN/uqjys95r1hS2BFRt6vDrIiEcFdMoujCikUY2TeqMU5nPq6x6hWEh/p/JTl6dkhlaCSLYwJ3w==
x-frame-options
DENY
date
Mon, 21 Mar 2022 11:27:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=6a57e197-462a-4fde-9c4d-c55be5b79711&pageId=76285&pid=82609&debug_metadata=igUEdFfLD0&fv=1016&ts=1647862058937&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.33.114 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-33-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=6a57e197-462a-4fde-9c4d-c55be5b79711&pageId=76285&pid=82609&slot=native&fv=1016&ts=1647862058945&f=1&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.33.114 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-33-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/76285/ 		538 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&page=%7B%22id%22%3A76285%2C%22placements%22%3A%5B%7B%22id%22%3A82609%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A824%2C%22height%22%3A464%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=6a57e197-462a-4fde-9c4d-c55be5b79711&formatVersion=1016&env=js-web&netBw=10&ttfb=205
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
01280f764809c45ae35c6e5901cbb5e595980ae3449fc7c4aac54fd18602218b

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
368
expires
Mon, 21 Mar 2022 11:27:39 GMT
projectagora.min.js
aghtag.tech/libs/ 		277 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: agorahtag.tech
URL: https://agorahtag.tech/c/gazetaexpress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:81b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e700bddd1405ed9feb6cca2523254b13b0bc2191f0728170099746792e7caa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2206
cf-ray
6ef656f14bcc9bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82685
x-amz-id-2
rffCLbr4n6KvCAZcPKjMC4gHwlOSL7PjDB9qMxNMG+FtdLCdO82INmZ8nM9I4AgNBS1eSUkC8q8=
last-modified
Tue, 22 Feb 2022 14:51:02 GMT
server
cloudflare
etag
"bb5843fcf1d36f23d43ddf1e00f66ab5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w60nW9X%2FRGgNOSVSgYWax8p%2FdG3LWYVvKmCnELZchBS3uQuAbAMSk5buw8%2BlByJZum2TrIy0Wq9pGgid2yfPbYCGk6EESEe0o7ToETQZYwp2nCvO%2F%2FL%2FRqR6ebXbMpgAXvOu0gqtsKgNYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
0G7VDJJ6Y91X0KZ3
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 21 Mar 2022 11:27:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
bid
ap.lijit.com/rtb/ 		94 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
cf0438843be74c022c91da132f1a42b34b9d581916dd7920a6ab4cb03ad5da81

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 21 Mar 2022 11:27:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=94580540908
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ee64c20b4e287d1b2fbfd074cf7ccc184f13453a1fca1cd0f09c95435c3287d8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 21 Mar 2022 11:27:39 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8496c615-3c03-4318-a2c6-a4b568b89b53
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:39 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Mon, 21 Mar 2022 11:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
hb.emxdgt.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1647862059040&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Mon, 21 Mar 2022 11:27:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=55&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=7917e861-e4de-4223-bbc8-6bfe2385748b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11209407579649366
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a4a0fae02fb02c0c74199b9a289e461b16cb09e951578075fc09223ed8be8190

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=59924&zone_id=2177830&size_id=15&rp_schain=1.0,1!Gazeta%20Express,19943,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=825ac681-e6b0-4159-b8f9-eb4df0e10ef4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4025203630328311
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
512d9b1a8a4ddb1408d77d7becbc595324b345c8ff05bde3aebbc551df147e02

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
gazetaexpress.com.1190148.es6.js
jsc.mgid.com/g/a/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c54a34a0b238e7adb8bd3e5fae3d5f20327c77969ee070eb984d2c48684fda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
age
873
last-modified
Tue, 15 Mar 2022 11:40:48 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MRCGF5ZWYPKYCHV9
x-amz-id-2
tziV2v3nVSXFuletuEeFd/7LZPSLnNGhI+c1oeynvXtegZW/gHgWLDnFl71x356W2sPelYV5mEE=
cf-bgj
minify
server
cloudflare
etag
W/"b6788eef541f0c0286a5857a12aeb8ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ef656f19f6a9238-FRA
expires
Mon, 21 Mar 2022 14:27:39 GMT
gazetaexpress.com.1002277.es6.js
jsc.mgid.com/g/a/ 		256 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7042cd4ac5cbd920f929f865ea2e46c238c6eeb4c67994f2de745f197fc0c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
cf-cache-status
HIT
age
6397
last-modified
Tue, 15 Mar 2022 11:03:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WTVR54642F654VKW
x-amz-id-2
arVKBrLZJfUkvKVOEh6lwXP//1QulmMLB/r6g4mi7o1Y2RuRZ+VM1ILdB3MaUaDcB44a2PwwWoE=
cf-bgj
minify
server
cloudflare
etag
W/"ede8f4c31abd67f0162ad5caea131341"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ef656f19f6c9238-FRA
expires
Mon, 21 Mar 2022 14:27:39 GMT
impl.20210208-11-RELEASE.js
cdn.taboola.com/libtrc/ 		461 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210208-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mediaworks/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
KnSm.W0xbjxKdbzJlmXotguv.ic.uOsY
content-encoding
br
etag
"a91756933e089626a1d0a3de71a9f830"
age
11070
x-cache
HIT
content-length
108763
x-amz-id-2
1HBUDVVa14Q6ItZaca7B80mMS/lMHOwu9eYn9AHjyFbRLu8w7vog5ucfb3NdeDiKJnR+Lzd1zdo=
x-served-by
cache-hhn4022-HHN
last-modified
Mon, 08 Feb 2021 10:37:31 GMT
server
AmazonS3-br
x-timer
S1647862060.778778,VS0,VE1
date
Mon, 21 Mar 2022 11:27:39 GMT
vary
Accept-Encoding
x-amz-request-id
J1ZYB68FW7RP29PX
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
1
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&time=1647862059097&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&random_number=793786213&sess_cookie=f4be21d517fac3b9059524be77a&sess_cookie_flag=1&user_cookie=f4be21d517fac3b9059524be77a&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-71.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 03:49:47 GMT
Via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
27473
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
DUS51-P2
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
dbXssVCKFeIDV0fr2-b53vljkbjlIA0tFLMg6TbQvj5eng1SVdgxpQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
server
Server
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=82609&pageId=76285&auctid=6a57e197-462a-4fde-9c4d-c55be5b79711&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=3-yS4T150YfWUQbJNMnbRibC&cts=1647862059659&cs=-628605404418804881205&fv=1016&ts=1647862059109&referer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.33.114 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-33-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1283769315&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ul=en-us&de=UTF-8&dt=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=301847513&gjid=562424314&cid=1779063154.1647862059&tid=UA-6427330-1&_gid=998334042.1647862059&_r=1&_slc=1&z=109678858
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1283769315&t=event&_s=2&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ul=en-us&de=UTF-8&dt=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABBAAAAC~&jid=&gjid=&cid=1779063154.1647862059&tid=UA-6427330-1&_gid=998334042.1647862059&z=228796057
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 02:07:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33636
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1283769315&t=pageview&_s=3&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ul=en-us&de=UTF-8&dt=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=&gjid=&cid=1779063154.1647862059&tid=UA-6427330-1&_gid=998334042.1647862059&z=507117442
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 02:07:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33636
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022031502.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
sffe /
Resource Hash
35e86b97fb421ee544819a0f6cfc4d551f8b232969cfe954f9e24d65c476005c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123779
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 17:39:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 09:25:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		82 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
cafe /
Resource Hash
c31b2375744708f38933b2cb26263a36bb9c254ba30d3d669953136ffd70dbe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78
x-xss-protection
0
expires
Mon, 21 Mar 2022 11:27:39 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 		294 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108579
x-xss-protection
0
server
cafe
etag
4861168965344539476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 11:27:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 5B07 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 20 Mar 2022 20:47:02 GMT
expires
Sun, 03 Apr 2022 20:47:02 GMT
cache-control
public, max-age=1209600
age
52838
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&frequency=0.01&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260200548443713&ev=PageView&dl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&rl=&if=false&ts=1647862059189&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647862059188.1794284168&it=1647862058888&coo=false&exp=p0&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 21 Mar 2022 11:27:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6427330-1&cid=1779063154.1647862059&jid=301847513&gjid=562424314&_gid=998334042.1647862059&_u=IGBACEAABAAAAC~&z=1673602983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 Mar 2022 11:27:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/ 		19 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b23ccf71380978c139b27990f32f6986c492acbd78874b9b32127d756b3277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avHdHxD2ZSzunPCGs1xP0FfumohKRDwIQtljywNYpN%2BSQcjWbnlNLggsvV%2BaEqeho55KPt5buaS5GMon5%2FCZOFgJoZChKhafAIF33mHHtaqtlA20z79Fzf34kR2e2cWIYk%2BoMojDGwE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ef656f2ea2306d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3565077800031037&correlator=2653553203937466&eid=31065682&output=ldjh&gdfp_req=1&vrg=2022031502&ptt=17&impl=fifs&iu_parts=74207979%2Cadxp_ge_sticky%2Cadxp_ge_in-article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C320x100%7C320x50%7C970x90%7C250x250%7C300x250%7C336x280%2C300x600%7C320x100%7C320x50%7C250x250%7C336x280%7C300x250&ifi=2&adks=1438139209%2C1243139692&sfv=1-0-38&ecs=20220321&fsapi=false&prev_scp=%7Chb_format_oftmedia%3Dbanner%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.04%26hb_adid_oftmedia%3D23a440d919b1869%26hb_bidder_oftmedia%3Doftmedia%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D23a440d919b1869%26hb_bidder%3Doftmedia&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1647862059344&lmt=1647862059&dlt=1647862058396&idt=869&biw=1600&bih=1200&oid=2&adxs=436%2C531&adys=1150%2C2661&ucis=1%7C2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&url=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1%7C824x50&msz=728x-1%7C824x50&fws=516%2C4&ohw=1600%2C1600&ga_vid=1779063154.1647862059&ga_sid=1647862059&ga_hid=1283769315&ga_fc=true&btvi=0%7C1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
cafe /
Resource Hash
279bab9c940a48b6220772a720b2e044ebf9341a62132bc9c66178fa73272710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8990
x-xss-protection
0
google-lineitem-id
-2,5363688884
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138310969000
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A73 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:27:40 GMT
expires
Tue, 21 Mar 2023 11:27:40 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=1779063154.1647862059&jid=301847513&_u=IGBACEAABAAAAC~&z=1874165851
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6427330-1&cid=1779063154.1647862059&jid=301847513&_u=IGBACEAABAAAAC~&z=1874165851
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.gazetaexpress.com&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		221 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.gazetaexpress.com&callback=_gfp_s_&client=ca-pub-4665846415960239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
11bb1cef53ad81cc2bab8fb4d99f0d58dac161d1a3a270cf06f15d9db120365c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5C20 		603 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1647862059&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647862059157&bpp=3&bdt=761&idt=217&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3775885188004&frm=20&pv=2&ga_vid=1779063154.1647862059&ga_sid=1647862059&ga_hid=1283769315&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774&oid=2&pvsid=3565077800031037&pem=468&tmod=471574597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4665846415960239&plah=www.gazetaexpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 21 Mar 2022 11:27:40 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 4E13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7gFF5WbR4Rx3Bs3rFlWVUvotVTldTAUP3uM_BRp62R_kOEAa1q2SftUDaCjpWBPXACvDg4EuHSkvxt87eXQOrusIN4kvjFVwNBjHirpseAMFA8pWqPArJDRczW8yUR4QyOTUmTcAQKyvuW-pfVPzg5pts3HuRwb2Jcs69A7FmpiIcEv86wrcuFkiJQpL3lnyf7tvxh8xpBgFvfrprwJwUeIPBZ4LHwE_13vGlDDbRdKVcQR6tPEMoskd4xcUOLZAXSVcefdAr5gEgBrUWosunv3tEExWOoAZ_vcGAaGqLDxN_N5CA9R9skHy7aKF8YI1_6Qk5RKo&sai=AMfl-YQd0QBLyyJXteW3JmReC30nvlIJgOTChxdt4hXxIFdiMTHt04aVsqnec0pa1wXJNDRiQhFgDnHVyet1JfcpFUAujwtdCaB_YEIWr6IbVfzfjJ3WnqT2fpklleyOJM4&sig=Cg0ArKJSzEk0EGY91eb4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 21 Mar 2022 11:27:40 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 4E13 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
fastly-original-body-size
8874
age
7562
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-hhn4071-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ef656f529559b25-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E13 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:27:40 GMT
6ef656ebeac776e4
www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/cv/result/6ef656ebeac776e4
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647860400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ef656f6bfd006d1-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYK5Ov0EiBSgy2ZLcuuzqeV3uT89Rvx1X2KXzaZW3cGOEAGPpO4cDDheYuGd6kT5OCIc6Gj70JFJlKYBAiBKrbZxNVKj6VhIeUkaJzOAeV3q0q6izn9NscabkPRx%2BlTd7oEF3k3Wb%2BA%3D"}],"group":"cf-nel","max_age":604800}
pv
bisko.gjirafa.com/ 		68 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1647862059924&guid=b9f90c5cffd6481ebf52790f044c25595f45c734bd9548cda84c82c84e404468&sd=73144e64cb9f48fcad9678c379515a06&c=%5B%5D&tg=%5B%5D&tt=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&u=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&r=&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvVD4tZ8nHcESPvchzAGLbBGQO3lg7GQXHv%2F53SQpG25JcBhbTr5FZFqYzt6WEG0FxeMYM0fWJ11DylaadbS0BcfLgZXA8t99yUeEWaW%2BZw6NbDST3fYuC9s%2BFPg3ad%2BmL8S"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
6ef656f71d939bc8-FRA
content-length
68
nmedianet.js
contextual.media.net/ Frame 4E13 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ca2017d7e15a2c4ca793a50067e3acb862d487a03b734ffa86d8bd905752afc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-mnt-h
10-4
content-encoding
gzip
server
Apache
etag
"9130f6cdb292dedcede6d962ed680600"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 21 Mar 2022 11:27:40 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-9
expires
Mon, 21 Mar 2022 11:32:40 GMT
log
qsearch-a.akamaihd.net/ Frame 4E13 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=15054187&other_prv=9&jar_err=&current_day=1.0&adtyp=0&req_id=7235707547272894787&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=17.0862&exp=&second_bidder=*&search_res=60&floor_bucket=0.00&gpid_format=&seat=&size=300x250&url_l1=e-gjeni-dot-kafshen-ne-kete-fotografi&f_seg=&prdp=0.0560&local_wr_url=0.0000&ogcbdp=0.1400&dfpbd=0.0560&server=1&ogerpm_wd_bkt=0-1&model_version=202203210607_generic_appn_2-cid_1&viewability=0.8500&dmm_r=0.9170&cut=60&dmm_l=0.0440&as_cache=0&tcyerpm=&sc=BY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=gazetaexpress.com%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2F&bidrestime=1647862059932&cc=DE&strg=harmony&ss=&current_hour=11&time_stamp=2022-03-21+11%3A27%3A39&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.1400&ct=Rothenburg+Ob+Der+Tauber&akey=&mnckfl=0&bdp_bucket=0.15&algo=&dc=eu_be&splid=15054187&dim4=exploration&dn=gazetaexpress.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&buyer_id=&dmm_m10=1230061&bdp_wider_bucket=1&acid=2c98aa57b2994063ac0c4063f56ea10a&infl=&o_ver=NT+10.0&br_ver=99.0.4844.51&bdmm_m6=0.0000&bdmm_m7=1.6750&bdmm_m5=0.0000&ver=8.11.0&totalTimeBucket=4&visibility=0&totalTime=4047220&dmm_m1=2022-03-21+11%3A27%3A39.934031286&e_rpm=0.4050&dmm_m22=0.0000&gdpr=&vsid=&log_less=true&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.6750&cid=8CU6M287B&bcrid=305103300&rawbid=0.1400&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-647b97587b-9scmj.BE&dfp_bucket=0.06&adblk=&itype=appnexus&pvid_seat=9&cliIP=3117783808&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=60&gpid=&iwb=1&dmm_d22=0.04&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.14
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.194.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-194-180.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:40 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 21 Mar 2022 11:27:40 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 4E13 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.86.97 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-86-97.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 21 Mar 2022 11:27:40 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=47102
access-control-allow-credentials
true
content-length
62892
expires
Tue, 22 Mar 2022 00:32:42 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 4E13 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:27:40 GMT
Content-Encoding
gzip
Age
2168950
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21944-LGA, cache-hhn4031-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1647862061.659807,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
48360, 976162
it
fra1-ib.adnxs.com/ Frame 4E13 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.gazetaexpress.com%252FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%252F&e=wqT_3QL2BOh2AgAAAwDWAAUBCKvC4ZEGEMqJ_qmx7KTDEBgAKjYJeekmMQisrD8RhCo1e6AVqD8ZAAAAoJmZE0AhhA0SACkRJAQxAAUBuNA_MOvqlgc40RhAlQlIYFDEg76RAVirvm5gAGjqspgBeLTVBIABAYoBA1VTRJIBAQb0SAGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsHWW-oCRGh0dHBzOi8vd3d3LmdhemV0YWV4cHJlc3MuY29tL0UtR0pFTkktRE9ULUtBRlNIRU4tTkUtS0VURS1GT1RPR1JBRkkvgAMAiAMBkAMAmAMXoAMBqgNBEhg3MjM1NzA3NTQ3MjcyODk0Nzg3X3NiaWQaEzExOTA4MDEyMDUyNTM2MDQ1NTQiCTMwNTEwMzMwMCoFTTExNzPAA6wCyAMA2AOOwj7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATEg76RAYgFAZgFAKAFw7LBrti1mbVkwAUAyQUAACGBFPA_0gUJCQEKAQFw2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB7TVBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=97608f7b06c63c53b5a26183ff311a4f12596966
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:40 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2b92dbef-26b5-41af-a620-9ab596eae82a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/ Frame 176A 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.gazetaexpress.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
date
Mon, 21 Mar 2022 11:27:40 GMT
zkEKweEi4gJcp_Z8moyMEI8fRpA2zVE1-q-Xx4d1as6NEkXCtb8pYCF0b_FATyUbbAeKV0L-qV-VlArmmXQ6PW2UTPnPUEs0PEs7pGTISz_N9OxHwy3LdbYXWZAGk_zhy4mIzsTSGK4qpG4IZe2XyUIz0s0fbDgQ6lY0JUWAhSbpvXQUAYvnWgI0eECvNmCFhT6RB...
serv431.com/ 		885 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zkEKweEi4gJcp_Z8moyMEI8fRpA2zVE1-q-Xx4d1as6NEkXCtb8pYCF0b_FATyUbbAeKV0L-qV-VlArmmXQ6PW2UTPnPUEs0PEs7pGTISz_N9OxHwy3LdbYXWZAGk_zhy4mIzsTSGK4qpG4IZe2XyUIz0s0fbDgQ6lY0JUWAhSbpvXQUAYvnWgI0eECvNmCFhT6RBAWA4J_ZKkS47bRGGD1alVI_1u5litqZjQBkxY29j9CJ_q8tm8gykBRb4-qqXCpseKBQG2sl0bXWszgD57uhRSSBkUzGBcfoapvQh6bObZVuTAb2V0qzu28axBXbw9wBD4YAqoFyHJr5kK9KrEbyT_N9uwVSFtau8z-o3u2gjAHStMstUdlM-lk9Ld7aT0CXO8i1cEVD4tGhAi3k0xH1qOxPEkYMwVRaXD9j-rCaKK9zZkA4Ozfg4m7Wl_Jbo0OsbjRakPeQMcS7I_YmfGqilNin_iL4_6BlmOxpHDm31hotpuTzZoW21dUk0ss-0wE4?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
a727002c49d08e8e8d85d449ffc2bb49e7708c3a8957800001a2a43e80aa5df1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
885
expires
0
zaHjO2LpI68GpnYVHZk1FqhT1skKO4mjVM0D_VICpZK1YX-hrio_vCwwpP1xCHhjh7PEMliwxDZX-gK9q1eCKODRe3RGDTYKnYSrm-3zM3Q-GtGSKsMxs-kez2LRDwxZPMu9jdAPHcRlw5vC3nw3Enb7uG21qaEoZqV9Z7p1qpx6Q_RxIhhBfYotds40x3Zpc-9sD...
serv431.com/ 		872 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv431.com/zaHjO2LpI68GpnYVHZk1FqhT1skKO4mjVM0D_VICpZK1YX-hrio_vCwwpP1xCHhjh7PEMliwxDZX-gK9q1eCKODRe3RGDTYKnYSrm-3zM3Q-GtGSKsMxs-kez2LRDwxZPMu9jdAPHcRlw5vC3nw3Enb7uG21qaEoZqV9Z7p1qpx6Q_RxIhhBfYotds40x3Zpc-9sD9pKeW-cSW7rpEgrEiGZvikaSbU-u80rOt24RqJhphcXgaAnBEkj9XJjkQXP4vmmIY_k-n9I-QZzgNdjoqnrpYxQt5cslKaDOHzn9-jfWo4lKsWzDRExn-ElCbmn7q7dTvSbt03ze7DWES-h9r3o9D7NkRP22065KkX3p8lnFc-nUOg2mx330VYlmAqfvO5PSoGjt6F9l900UsJU6ACyzcPVOm2SAdAmXNbDAXqOwwcAx2dsfc4P1Nf_z_JtpPPiiQ1WKf2DjYcFLf0ETPTXu2sOdy4CfOSS55UnA1HahAROo0bGvn2mIdhk2vs7jmUY?
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
f38119e974dd8ec8ab7400032ebc5e3be1f5c0f057ab43d95fb908f3a2412ddf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
872
expires
0
smtr
contextual.media.net/ Frame 4E13 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=421632617&size=300x250&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=T92M8NE&https=1&vif=1&requrl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&nse=5&vi=1647862060503559680&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B4Nxq4g48fOnRrolnfOur8za&bdrId=9&katbid=-103&ntv=0&matchstring=bcat%3Dnull%2Ch%2Ci%7Ccsh%3D1&katpre=1&pgid=p0593280118t202203211127&nb=1&adomain=https%3A%2F%2Fcontent.businessinfoline.com&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c17df0a4c6c50692dba8461e9c1e59b19f2c8d5ec06d07db0e4c51a8f66b56c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Mon, 21 Mar 2022 11:27:40 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-dxqf
strict-transport-security
max-age=604800
content-length
26475
x-sc-w
22-zpb9
checksync.php
contextual.media.net/ Frame 5A14 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
23f777f68e14aa6ea3ee3696ef90d3fa97124e8a1b4b3240d93c0528676e3d1d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 23 Mar 2022 11:27:40 GMT
date
Mon, 21 Mar 2022 11:27:40 GMT
content-length
5717
bping.php
lg3.media.net/ Frame 4E13 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=421632617&vi=1647862060503559680&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781035&r=1647862060050&requrl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1647862060118565099&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p0593280118t202203211127&vgd_pgids=1&vgd_uspa=0&hvsid=00001647862060044031177838085349&gdpr=1&vgd_end=1
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Mon, 21 Mar 2022 11:27:40 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 21 Mar 2022 11:27:40 GMT
checksync.php
contextual.media.net/ Frame 6223 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
295b94c8868dd933abc89f983e2dbe39ca4596290c5bd309ebbcdcd9cb089653
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 23 Mar 2022 11:27:40 GMT
date
Mon, 21 Mar 2022 11:27:40 GMT
content-length
7796
clog
hblg.media.net/ Frame 4E13 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=7235707547272894787&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB14-1&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.140&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=659dae2d&scrid=305103300&itypeid=16&mx_SPRIG=0&viewability=85&renderer=0&be=0&rtime=9.0&adj0=0.0&tmax=150&s_ip=37.252.173.45&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=7235707547272894787&sc=BY&mowxReqId=2c98aa57b2994063ac0c4063f56ea10a_1&ifdp=0&requrl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&bidrestime=1647862059932&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-421632617-13-0&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.140&ct=Rothenburg+Ob+Der+Tauber&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=39351&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=gazetaexpress.com&dt=O&acid=2c98aa57b2994063ac0c4063f56ea10a&actltime=15&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.056&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=305103300&omul=1.0&res_mtype=0&apPrfs%3C%3E=51%23%2313%23%2316%23%2343&chnl=HARMONY&pst=0&reqsize=300x250&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1647862660187&dnt_status=N&reftype=0&prvAccId=421632617&ckfl=0&lper=1&mx_tgs=300x250&cbdp=0.056&csex=0&pvdTmax=111&ltime=15.0&epc=421632617&prvReqId=3138312516676_1587167432_856004011191&zip=91541&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1457516&brsrclk=0&sbdrid=99&rtttime=22&apTags%3C%3E=75&mx_PC=1&wsip=mowx-579f5897f8-hlnhl&currsrc_date=2022-03-18+00%3A00%3A00&mx_divid=15054187&geoll=false&debug_ts=2022-03-21+11%3A27%3A39&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=15054187&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=4.9&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-647b97587b-9scmj.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=15054187&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.14&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=15054187&opbidflr=0.000&impId=1190801205253604554&rme=adm&bdata=~seller_tag_id%3D15054187~std%3D15054187~itype%3DAPPNEXUS~visibility%3D0~city%3DROTHENBURGOBDERTAUBER~ref_cnt%3D1~r_ip%3D185.213.155.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D2~dmm_d29%3Dfalse~dmm_d30%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~bx_sgmt%3Dempty~sgmt%3Dempty~bx_rpc%3D0010001~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.044~dmm_r%3D0.917~e_rpm%3D0.405~dmm_m1%3D0.405~dmm_m2%3D0.026~dmm_m3%3D1.000~dmm_m7%3D1.675~dmm_m10%3D1.000~dmm_m11%3D0.429~dmm_m12%3D1.675~dmm_m14%3D1.000~dmm_m15%3D0.909~dmm_m16%3D0.917~dmm_m21%3D1.000~dmm_m28%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m39%3D23513.124~dmm_m40%3D32413.000~dmm_m41%3D12.024~dmm_m42%3D16.000~dmm_m44%3D0.909~dmm_m47%3D18580.000~dmm_m48%3D4504955.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.405~vbr%3D0~bid%3D0.140~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D15054187%7Eviewability%3D0.847508%7Ecbdp%3D0.056%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.140%7Eseller_tag_id%3D15054187%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&utime=130&sf=0&cpr=0.3162058698583834
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-32-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 21 Mar 2022 11:27:40 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Mon, 21 Mar 2022 17:27:40 GMT
checksync.php
contextual.media.net/ Frame 95F6 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C4%2C246%2C10000%2C9%2C2033&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
295b94c8868dd933abc89f983e2dbe39ca4596290c5bd309ebbcdcd9cb089653
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 23 Mar 2022 11:27:40 GMT
date
Mon, 21 Mar 2022 11:27:40 GMT
content-length
7796
rd_log
fra1-ib.adnxs.com/ Frame 4E13 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&e=wqT_3QK1BOg1AgAAAwDWAAUBCKvC4ZEGEMqJ_qmx7KTDEBgAKjYJeekmMQisrD8RhCo1e6AVqD8ZAAAAoJmZE0AhhA0SACkRJAQxAAUBuNA_MOvqlgc40RhAlQlIYFDEg76RAVirvm5gAGjqspgBeLTVBIABAYoBA1VTRJIBAQb0BQGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsHWW-oCRGh0dHBzOi8vd3d3LmdhemV0YWV4cHJlc3MuY29tL0UtR0pFTkktRE9ULUtBRlNIRU4tTkUtS0VURS1GT1RPR1JBRkkvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDjsI-4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAExIO-kQGIBQGYBQCgBcOywa7YtZm1ZMAFAMkFJT4YAPA_0gUJCQkMeAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJSBgAIAAwADi6BkAAyAe01QTSBw0VdwE4CNoHBgknROAHAOoHAggA8Afs-wOKCAIQAA..&s=4facc5f775e7a86ea80ef5fc9a8ce486ead097c2&bdref=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F,https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:40 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
19b28abe-2637-4318-9581-541689fa4129
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.projectagoraservices.com/ Frame 2E1E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4071
expires
Mon, 21 Mar 2022 11:27:40 GMT
zRF8JzvjgLXO5KeCSb2m8rIVko3P0s1pfsDaB1kCs04hGsQn1PQR8UhZmHflIRtbk0llFWWo4Am3VMuLVl6yOYMUq-J8p8AVOmMMDSGSLIRDJVJNDxN230z1j-jiK832eebT3oyxK77pvMcZRUW1KFgPhgbwiGCYVj_7Fa4eOrb1TVRzr4Ebvr2FI1iF7-7n_CrFs...
serv431.com/ Frame 2E1E 		43 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zRF8JzvjgLXO5KeCSb2m8rIVko3P0s1pfsDaB1kCs04hGsQn1PQR8UhZmHflIRtbk0llFWWo4Am3VMuLVl6yOYMUq-J8p8AVOmMMDSGSLIRDJVJNDxN230z1j-jiK832eebT3oyxK77pvMcZRUW1KFgPhgbwiGCYVj_7Fa4eOrb1TVRzr4Ebvr2FI1iF7-7n_CrFsDij0g_HQK4AutsYgZ4fNtAqZnU4D0Xumhw-oou6s1M3u4pEdxohLZWKIXclYRHBpXkyBRSwcZCBsUXkTGJKeSjB9qUKR98XwEuYAlO5DtsrUM-e8itUqZlQuN26Z_M_9dyngQF0Dl9_BU-TdIBUxFfnZe_tnO46xt3jryhvwDEm3Ev3cfiALXLNH7lobiR6Pfnp5fxoz5qIr3BvMAiNSw4R5vHoSZJG7uKo?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 5665 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=4391
Requested by
Host: serv431.com
URL: https://serv431.com/0a3b5987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4071
expires
Mon, 21 Mar 2022 11:27:40 GMT
zMCaMiR7AvcAt4z9QSgqM-qjDPgmaMGaSv_AbjdyB0fbQxSHk7A5kaG7S_mC1dndNRDE4xBhv0RmOQArLoRJOUYdDzbgyEg8T9bkI7I7W3B0QuLgReOyhjjftZY0Gbi-jEOFsq49ucPq-Y8SHjL48e7lE7kXeTgK-YmYEveYv_MEuHu2R6zyIhmTbggrPfKCASliY...
serv431.com/ Frame 5665 		43 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serv431.com/zMCaMiR7AvcAt4z9QSgqM-qjDPgmaMGaSv_AbjdyB0fbQxSHk7A5kaG7S_mC1dndNRDE4xBhv0RmOQArLoRJOUYdDzbgyEg8T9bkI7I7W3B0QuLgReOyhjjftZY0Gbi-jEOFsq49ucPq-Y8SHjL48e7lE7kXeTgK-YmYEveYv_MEuHu2R6zyIhmTbggrPfKCASliYnLI6r1IgATRTM5tYRYw5V990wprW-p4JFaDynFSfWkDL2KQKRZiilksHODv8us1w6zkmls7syqwIzULGaElgT0Yj7oY0S0BKMsY7Oe351aBinCuUGGR3N7EPaxvMfyMgae3Eb2E_5QzzkzyIPx3wLeDNydjXlagF4DHRvWHwEoXrJbANhfkDWD61m96wtltxWm9asSuPlZINH6QNuxPvc1wn1IBQPBFE6vU?DC=WZ
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.88.224.28 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:40 GMT
last-modified
Thu, 02 Dec 2021 16:25:42 GMT
etag
W/"43-1638462342000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 4E13 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87d1242d49ac617a8760c1c186770b83f96d6e74bea8a894681796348d30dc8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 4E13 		0
847 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&e=wqT_3QL2BOh2AgAAAwDWAAUBCKvC4ZEGEMqJ_qmx7KTDEBgAKjYJeekmMQisrD8RhCo1e6AVqD8ZAAAAoJmZE0AhhA0SACkRJAQxAAUBuNA_MOvqlgc40RhAlQlIYFDEg76RAVirvm5gAGjqspgBeLTVBIABAYoBA1VTRJIBAQb0SAGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsHWW-oCRGh0dHBzOi8vd3d3LmdhemV0YWV4cHJlc3MuY29tL0UtR0pFTkktRE9ULUtBRlNIRU4tTkUtS0VURS1GT1RPR1JBRkkvgAMAiAMBkAMAmAMXoAMBqgNBEhg3MjM1NzA3NTQ3MjcyODk0Nzg3X3NiaWQaEzExOTA4MDEyMDUyNTM2MDQ1NTQiCTMwNTEwMzMwMCoFTTExNzPAA6wCyAMA2AOOwj7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATEg76RAYgFAZgFAKAFw7LBrti1mbVkwAUAyQUAACGBFPA_0gUJCQEKAQFw2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB7TVBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=97608f7b06c63c53b5a26183ff311a4f12596966&type=nv&nvt=5&jm=1003&px=792&py=2661&bw=300&bh=250&sid=1986392161604298694&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15054187&sw=1600&sh=1200&pw=2510&ph=5040&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:40 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
05aedaad-8e5d-4779-a6ca-a0ebfb32252c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 2E1E 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 5665 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=4391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 11:41:27 GMT
server
UploadServer
etag
"a178823d2ae84db5f82ee3f3802b46c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tugYrw==, md5=oXiCPSroTbX4LuPzgCtGyA==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtNYcBmZimXr2COTBK0OWaHL6fKtFLiyGjV7d39AeRyZz70WG2J_8DcBgofvnnXxb1QWg-US455JYifogfa8xZQdEPlMg
content-length
7481
view
securepubads.g.doubleclick.net/pcs/ Frame 4E13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGHKwAmwcGf2hufb901Nid9GXwAANwA0HTzFrGwnEK71cCWcHOpBmzjRhFWNuu8bBPlnbSWbPIoUwOVslEGEv87ZfLIPTBbzm0DwyxWWpYTzikkgMg7r2oXwqF-Jenn0BQzzrjVnHQc59speGbnv5wMNnRD9lQY0KWIQL7h5xCbU3yqznfsYwpSVrRSJf1TNXSQUjwuOjmB9FRvm_q8COQoRC-P6T2WPXmjt--Qk2XYPUzLUJ8nGK2G0Uw3Hwa4rdHZUxVG34ZzzdeB_LrRyB08t-b_Y1Hg_4BJsFQKZ_aRHRyjGTHXw2YARB9rIHWi9QihbXNWwqjQw&sai=AMfl-YQdzm2j3v_HbwEW0qP_yML_Uk_zHeM49No3K6ruGviNDvDaLgzALF2xYpp0_5LOL-nEDKkb28W815HiqnXWqgFRYp1All_bpzX903Kcl1hIl13TL57dW3yffM_Nbnk&sig=Cg0ArKJSzHcWTG711i_3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 21 Mar 2022 11:27:40 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1647862060290176945880&ogtitle=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&uniqId=07b59&childs=1214277&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&sessionId=6238612c-14acc&pageView=1&pvid=17fac3b9502960c3239&site=634059&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ef656f92e86926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 5665 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 2E1E 		349 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:59:57 GMT
server
UploadServer
etag
"11268851b1fae583284d891ae77d8f75"
vary
Accept-Encoding
x-goog-hash
crc32c=iwkFbw==, md5=ESaIUbH65YMoTYka532PdQ==
content-type
text/javascript
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
cache-control
private, max-age=86400
x-amz-meta-
accept-ranges
bytes
x-guploader-uploadid
ADPycdtTMszr4NXOViTtpsyRJ2v81xqZM7cx1Jc0RYSePwIm7YIqkHW4u_1o-MH2cyE9zl-YuFJX9xiR2RuBjiolm44
content-length
113743
truncated
/ Frame 70A6 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 70A6 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 70A6 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.224.108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-108.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:27:41 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
age
5838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FY75M483VQ0RS4R6
x-amz-id-2
3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ef656f9bf1c926b-FRA
expires
Tue, 22 Mar 2022 11:27:41 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
age
5689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ef656f9bf17926b-FRA
expires
Tue, 22 Mar 2022 11:27:41 GMT
localstore.js
script.4dex.io/ Frame 5665 		483 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508032
x-amz-request-id
txabea8e98672240ae92027-006230a0ad
x-amz-id-2
txabea8e98672240ae92027-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KgFuyloPr1bG9eHiL1SS1KN1eLj%2B2iozyu0DRn1X9b0h9UpLIkKXEXYPqROznqDlB05BHQeib4UmzKUdIrdZEDr9Kyx8S%2BFEiYdoSLI1%2FHtJJtHIwjvgyFFEuT57cgk3oRT44oJsr3pYbdi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647354020753810
cf-ray
6ef656fa2f149201-FRA
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5665 		267 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=949666b6-f245-464a-a218-6bf4506a2e30&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5943979382132634
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fdb372202bc66c26ee022569b581c1fc70c5c7f60ac185815fc7378a0a03f071

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:41 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame 5665 		36 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%22336d684bc5fb1c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224e65ab329aade%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224e65ab329aade%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224e65ab329aade%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224e65ab329aade%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224e65ab329aade%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1efe00e19de8c2bd26a211fa57a47790b7648453a80a02d0e31f15a5df880175

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 21 Mar 2022 11:27:41 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 5665 		72 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=949666b6-f245-464a-a218-6bf4506a2e30&nocache=1647862060436&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
5354c51cb516562bde470821c3df125e01152fe47296eefd57e9bccbd7c264fe

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 5665 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPTk0OTY2NmI2LWYyNDUtNDY0YS1hMjE4LTZiZjQ1MDZhMmUzMA%3D%3D&pt=gross&stid=9a65cbfc-9d25-429e-8466-d6928a7a83dd&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 5665 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 5665 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Mon, 21 Mar 2022 11:27:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 5665 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=18218128599
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
tlx.3lift.com/header/ Frame 5665 		19 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.84.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-84-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5665 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8ef5d4b879cb1d35d7041ebb9a545462cd9a67e81cc42f7ace19a8aa2a73fb96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:41 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
38970a8a-b7a3-4133-966f-436e251eb5b8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bql.php
lg3.media.net/ Frame 70A6 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&&vgd_l2type=sca&v=1&gdpr=1&geo=50.1%7C8.63&dlper=20&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785217&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=243&fdkt=391&vgde_kbbh=ffoNu9&kwd[]=Kurkuma+gegen+Arthroseschmerzen&kwt[]=391&kbc[]=1261981624&kwp[]=1&kid[]=329496726&kbc2[]=rps%3D0.36%7C%7Cps%3D0.557%7C%7Crpc%3D0.63%7C%7Clvl%3D4.55&ktd[]=274894815488&ktrkt[]=Kurkuma+gegen+Arthroseschmerzen&kwd[]=Elegante+Mode+f%C3%BCr+Mollige&kwt[]=391&kbc[]=1261981624&kwp[]=2&kid[]=329525186&kbc2[]=rps%3D0.59%7C%7Cps%3D0.557%7C%7Crpc%3D0.60%7C%7Clvl%3D4.75&ktd[]=274894815488&ktrkt[]=Elegante+Mode+f%C3%BCr+Mollige&kwd[]=Ferienwohnung+in+Kroatien&kwt[]=391&kbc[]=1261981624&kwp[]=3&kid[]=10678673&kbc2[]=rps%3D0.00%7C%7Cps%3D0.557%7C%7Crpc%3D0.57%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Ferienwohnung+in+Kroatien&kwd[]=Fahrr%C3%A4der+online+kaufen&kwt[]=391&kbc[]=1261981624&kwp[]=4&kid[]=326731324&kbc2[]=rps%3D0.59%7C%7Cps%3D0.557%7C%7Crpc%3D0.39%7C%7Clvl%3D4.76&ktd[]=274894815488&ktrkt[]=Fahrr%C3%A4der+online+kaufen&kwd[]=Strom-Tarife+im+Vergleich&kwt[]=391&kbc[]=1261981624&kwp[]=5&kid[]=326676410&kbc2[]=rps%3D0.05%7C%7Cps%3D0.557%7C%7Crpc%3D0.62%7C%7Clvl%3D4.55&ktd[]=274894815488&ktrkt[]=Strom-Tarife+im+Vergleich&cid=8CUL2446F&vwid=1647862060503559680&vi=1647862060503559680&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D39351&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785217&vgd_nrrv=32659&vgd_nrrmf=1c808&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1647862060118565099&sttm=1647862060044&upk=1647862060.12340&hvsid=00001647862060044031177838085349&verid=3111299&vgd_matchstr=bcat%3Dnull%2Ch%2Ci%7Ccsh%3D1&sbdrId=99&vgd_ecrid=305103300&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D39351&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8OvuX9XHuWh~Q7OvuX9XHuWh~875EJvK00I4tPb~e8Q8G8j875v9~N875vDa_q4IRPDZaRr4D_KPR4D~LJkMNz7vu~LM8EvuWX.fuA.uXX.9~LMQNvR3~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1uv9~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvh9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9H~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvf~OYYMOfivk1jQJ~OYYMOA9v9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~G-MQyY7vJYE75~QyY7vJYE75~G-MLENv99u999u~G-M8z7YOv9~G-My8zQxv9~G-MLQEvv9~G-MQ8lJvA99-fX9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.9HH~OYYMLv9.iuh~JMLEYv9.H9X~OYYMYuv9.H9X~OYYMYfv9.9fF~OYYMYAvu.999~OYYMYhvu.FhX~OYYMYu9vu.999~OYYMYuuv9.Hfi~OYYMYufvu.FhX~OYYMYuHvu.999~OYYMYuXv9.i9i~OYYMYuFv9.iuh~OYYMYfuvu.999~OYYMYfWvu.999~OYYMYA9vu.999~OYYMYAAvu.999~OYYMYAHvu.999~OYYMYAivfAXuA.ufH~OYYMYH9vAfHuA.999~OYYMYHuvuf.9fH~OYYMYHfvuF.999~OYYMYHHv9.i9i~OYYMYHhvuWXW9.999~OYYMYHWvHX9HiXX.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.H9X~eGLv9~G8Ov9.uH9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8OvuX9XHuWh~e8JB1G8j875v9.WHhX9W~NGOEv9.9XF~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~QJjjJLM71yM8OvuX9XHuWh~N1LL8JLVOv9~ONx7vF9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=200610&vgd_scsver=156&vgd_l2ch=0&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001647862060044031177838085349&subBdr=99&bdrid=9&fp=5QvhfULacVXf1-Ohdn-e_M3UibRwru0CAzTIekZNh6Y1RKeWH6RJHE1JOSbFL_PUgSn5-UGgSaWvjIaLaszboojZi-CNsARLotB7grcmtcdzTFus3V6M0NtfK5tlC064DKLt4qb_Uf4%3D&cme=RB6tarFJX44gNiK46FxEOodiSOZd0oc8jd-gVQdvPqPduIAsccB8DG15r2xH9v6x0kCPqSCCk-IPcjzlzlhkrF5yPs_A0nx5WaB0kI76f_5ItnQ8meemQGvc7HMDMpPYadhu56WuQ4Gj3mPu41Yvyy5GhHLpHLxpaQzh2NLGQYrNMXp888Kdv21ANq_EI4PUJE1YRzW0eFSzAPS3Lbc9e3wB4FckdK46%7C%7Cpgb5BM-8pftCoSCoBvcD8uw81CNd7hb4c3nPfJ9IifmV-LQsFE9eBq7ZIjVyBh3euOWag4uypqHygua4H6GwtHp7tAqQZT8IwjxUf39iIhH60VaszKaQzr1E1W3rg9-ncFQDyO6s_WVTyQA_5czKbxoIk1UahnurLYLva7BNw29TS2gXaZXGIoVQ0gx2MXOhdxsSdi-uiqfxlUp51G6HiiNTdwbzk-IQsS-Vb3UsFdc%3D%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7Ca0AmFUYXmD7jDnship0-AUJ4bEXSAR1HP74whIK8-l2esRiTlofUb9ydnBYmvBdsgeuoYaoGGMbw4P-WTWgae4CxjIpjktgLr4noE2ygAHQ%3D%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7C&rc=0&rand=1647862060352&acid=2c98aa57b2994063ac0c4063f56ea10a&matm=1647862060352&requrl=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vgd_x_pos=793&vgd_y_pos=2780&vgd_ren_page_h=5413&vgd_ltime=519&vgd_ltimesrc=1&vgd_l1hcsd=N4%7C1843&vgd_l1ch=1&vgd_lhl=3272&vgd_pgid=p0593280118t202203211127&vgd_csip=rtb-common-647b97587b-9scmj.BE&vgd_sbSup=1&vgd_nrrs=32659&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F74207979%2Fadxp_ge_in-article_0__container__%7CDIV-div-gpt-ad-1634289484286-0&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D421632617%26gdpr%3D1%26https%3D1%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3Dbcat%253Dnull%252Ch%252Ci%257Ccsh%253D1%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Fwww.gazetaexpress.com%252FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%252F%26size%3D300x250%26tpid%3DT92M8NE%26ugd%3D4%26vif%3D1&vgd_end=2
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Mon, 21 Mar 2022 11:27:41 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Mon, 21 Mar 2022 11:27:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
886271ffc64606748e51dea9c199b951574eeba56313bbcde9d50c45e8a701f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10567
x-xss-protection
0
localstore.js
script.4dex.io/ Frame 2E1E 		483 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508032
x-amz-request-id
txabea8e98672240ae92027-006230a0ad
x-amz-id-2
txabea8e98672240ae92027-006230a0ad
last-modified
Tue, 15 Mar 2022 14:20:20 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHuUSrZx%2FXMU9zlnz%2B4kgSsI2w5yPPuoAOC8eg3nnRVbykfSyYj2K8MAm3uVq2NKDdyidgWnt4RhjhIfSuLfKh9cdU1%2FYyv1sp8Kp4UFqlxvVarQ%2BFo%2FY7moQmt4m6SDV1IVmiZyva%2BDibwO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647354020753810
cf-ray
6ef656fa3f199201-FRA
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2E1E 		267 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1380844&size_id=15&alt_size_ids=13%2C14%2C16%2C198&rp_schain=1.0,1!projectagora.com,103530,1,,,&rf=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=3acdee70-9b0c-49e5-ad1c-f81ca57ed680&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10294950036449602
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4fd0fe7368fdf78515eb056494df05bd40a1ca31cb0c963276f4d17b98a6bdb2

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:41 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ Frame 2E1E 		19 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.10.0&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.84.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-84-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2E1E 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
68c70eb2a90453358de183b08add26d04b62231a46fa877a4e5fa1cb55ffc958
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:41 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
69266e99-3907-4423-bcd0-c729a8a23fce
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gazetaexpress.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 2E1E 		5 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY1MSZ0cmFuc2FjdGlvbklkPTNhY2RlZTcwLTliMGMtNDllNS1hZDFjLWY4MWNhNTdlZDY4MA%3D%3D&pt=gross&stid=5eb755c3-2e19-4e11-8685-803abe15b7b8&fd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 2E1E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.10.0&cb=46361769609
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 21 Mar 2022 11:27:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 2E1E 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Mon, 21 Mar 2022 11:27:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 2E1E 		37 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=621768&v=7.2&r=%7B%22id%22%3A%22159281272e2ac2d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bb89e6ab046f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2216bb89e6ab046f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2216bb89e6ab046f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2216bb89e6ab046f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2216bb89e6ab046f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22621768%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22projectagora.com%22%2C%22sid%22%3A%22103530%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94e1e8b1bc385e4a69f5e2a249da03928ea193f2b2440bbed49d7c9e2cc4fdcd

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 21 Mar 2022 11:27:41 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 2E1E 		73 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3acdee70-9b0c-49e5-ad1c-f81ca57ed680&nocache=1647862060481&schain=1.0%2C1!projectagora.com%2C103530%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C336x280%2C640x360&divIds=16604718_gazetaexpress.com_inarticle-adtag_300x250&auid=540924445
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
eabb217ce1c8a1710595df3dfbecc1c49a5e9130f9344e6938b23dd24a26d036

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 2E1E 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
1
servicer.mgid.com/1002277/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1002277/1?pv=5&cbuster=1647862060487479301769&ogtitle=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&uniqId=07b59&childs=1214277&niet=4g&nisd=false&jsv=es6&w=824&h=253&wrongImageSize=1&cols=3&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&sessionId=6238612c-14acc&pageView=1&pvid=17fac3b9502960c3239&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7dc00ef44abc8c07dc85cbe8d9737813f68f39ccadfd7e992a26d9cbdbf8d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ef656fa6ff2926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1190148/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1190148/1?w=824&h=110&wrongImageSize=1&cols=1&pv=5&cbuster=1647862060490943945659&ogtitle=E%20gjeni%20dot%20kafsh%C3%ABn%20n%C3%AB%20k%C3%ABt%C3%AB%20fotografi%3F%20-%20Gazeta%20Express&uniqId=098aa&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.gazetaexpress.com%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2F&lu=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&sessionId=6238612c-14acc&pageView=0&pvid=17fac3b9502960c3239&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36d19fbe3e6775de15064aedfb6cd1d44f9f35b7ceb64cb780528454ee6f911

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ef656fa6ff1926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adagio.js
script.4dex.io/ Frame 5665 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508015
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx6d4d825145154099a41b6-006230a0af
x-amz-id-2
tx6d4d825145154099a41b6-006230a0af
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Wi2192ypg4Q2ES3IH9Ne8F0Fj87nuJv6bb%2BfxWkruKcXGwUD3zsMSPIO7ufpE28fMPj1%2B%2F3BBp8v0MlU6H5V83CCpQdodnZ8DYE2THdqmhhEuc%2BBgRkY%2BO%2BlpriYMfz2QA2lsF%2FeYVwwZZc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ef656fa7ed09010-FRA
access-control-allow-headers
Authorization
adagio.js
script.4dex.io/ Frame 2E1E 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508015
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx6d4d825145154099a41b6-006230a0af
x-amz-id-2
tx6d4d825145154099a41b6-006230a0af
last-modified
Tue, 15 Mar 2022 14:20:19 GMT
server
cloudflare
etag
W/"ad0d3c45f41a818ade0dc83d4b687ff1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GMF9Rs3J6nIGeCJzurcbf4H2h1hKG%2FyTCiwhIUavp44YSIC72%2FEv3LO75l%2FFzJHdeQ%2Bo1a9oc4V1D6%2FkBJ5K6dtVMgHmlrGLysBYl5ZDgkNF0QBU2sJbqb%2BiUB6yQt7aZOl0KceEKT1a90v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647354019224084
cf-ray
6ef656fa7ed59010-FRA
access-control-allow-headers
Authorization
outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 15:08:40 GMT
server
nginx
etag
"4885-5cc0a12ca1c8c-gzip"
vary
Accept-Encoding
x-cached-since
2022-03-18T13:03:25+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2617
expires
Sat, 18 Mar 2023 13:03:25 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
age
5838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FY75M483VQ0RS4R6
x-amz-id-2
3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ef656facae59238-FRA
expires
Tue, 22 Mar 2022 11:27:41 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
age
5689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ef656facae89238-FRA
expires
Tue, 22 Mar 2022 11:27:41 GMT
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDMvU2NyZWVuc2hvdF8zLTE3LmpwZw.webp
s-img.mgid.com/l/556371/492x277/-/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDMvU2NyZWVuc2hvdF8zLTE3LmpwZw.webp?v=1647862061-UTDPpqGaRbanWL9lk7yA3AleveJPAEyRxIIDmY8NJOk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37ec5ebcb374575dffe5995f8c24cecacd9f4deb5b5b40c1bf55bdc6c18c0a4

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Mar 2022 11:25:46 GMT
x-mg-request-uuid
93e871f5-50a9-4392-b39e-8cc28634f463
age
115
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656fb182e698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5858
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlN...
s-img.mgid.com/g/11739862/492x277/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739862/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlNjRkODVjZDk2OTQyMTA0NTIucG5n.webp?v=1647862061-rV1bDXVakzLnqHI__r5oTJv2QfBu4RtBv7euulhC-RA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce452421ffc53808c61795729eef02db9132d6d2cbc68198b158dce56b519272

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid
3b8b83a5-7ad4-4a47-8a84-3a96fb56569f
age
6928
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656fb182f698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9756
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyN...
s-img.mgid.com/g/11739834/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739834/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyNDBhYjIyODE3OTJlNThmZDQuanBlZw.webp?v=1647862061--5d26jh3-Ah7LhHUsZ8o5o82g8p4n9hJKb8ivHq-8eA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:41 GMT
x-mg-request-uuid
23d6fefd-d169-434b-a448-982ac7fc2908
age
43339
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656fb1831698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
server
cloudflare
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDMvMzU4MzM4MWYtODk1OS00YTQyLWEyYjctMmNjZjE3ZDEyMWMzLmpwZw.webp
s-img.mgid.com/l/556371/492x277/-/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDMvMzU4MzM4MWYtODk1OS00YTQyLWEyYjctMmNjZjE3ZDEyMWMzLmpwZw.webp?v=1647862061-M2I1n2WKvatGW-GzMP8fcOFAV8b5GWVvzWVSgjYWUVI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e757086664a81fc61bd6a84309abed0813e8077cc7bd3c1c5f76a4bb6bbc6e

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Mar 2022 11:25:46 GMT
x-mg-request-uuid
934d73dd-151c-4789-8a44-b38a04dd9512
age
115
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656fb1832698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11272
server
cloudflare
aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjEvMTIva3V2ZW5kaS1pLWtvc292ZXMtaS16YnJhemV0LTkwM3g2MDAuanBn.webp
s-img.mgid.com/l/556371/492x277/-/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/556371/492x277/-/aHR0cHM6Ly93d3cuZ2F6ZXRhZXhwcmVzcy5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMjEvMTIva3V2ZW5kaS1pLWtvc292ZXMtaS16YnJhemV0LTkwM3g2MDAuanBn.webp?v=1647862061-w2RGHGFnFi3-S1-0iFI-I00ST-A8Oi_w_cS8e-kA1sE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b45d50995f4cc4d4d71101c4eacdb52685b1af9daf123b745929540f0dad45

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Mar 2022 11:24:09 GMT
x-mg-request-uuid
6e3206e3-057c-4df6-b26c-0a3e0376fbdb
age
115
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656fb1834698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27744
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhY...
s-img.mgid.com/g/11739844/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739844/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhYmVlYWIxYzQ4ZjM5OTlmYWIuanBlZw.webp?v=1647862061-BYZ2aylfCBxvmwkGSadKHjcsAFkdRzGFkA5tmGGXl_w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c

Request headers

Referer
https://www.gazetaexpress.com/
Origin
https://www.gazetaexpress.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid
474d7e09-168c-48c3-85d1-4e1690c1d163
age
104797
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ef656fb1837698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28782
server
cloudflare
mgWidget_1.11.87.es6.js
cdn.mgid.com/js/wglibs/ 		319 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.87.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1002277.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536bb1cf7e5e542325a3d7fbcd156fa3c495c47550b7709bd1962b02af0b3188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
age
2906
last-modified
Wed, 16 Mar 2022 10:31:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0KYBDWZQJ7R3Y87D
x-amz-id-2
wYvkg8oW20CsNOUdYwcUQF/LNtI8LsA+OfX1R3XyXZLGxd7mMjgNbRWF0L80Wd1DTSK5L4qZppQ=
cf-bgj
minify
server
cloudflare
etag
W/"a682ed1108bc5c40e9be1182d3660b85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6ef656faeb0b9238-FRA
expires
Tue, 22 Mar 2022 11:27:41 GMT
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 		1 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
HIT
age
2754
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3SH1PSEVTV59CSZD
x-amz-id-2
XhfZJEMZtqNRHMPQFgf1ChgjEe5aAVOEA+stQfffi10CROCVcSfBok4n4zqXcrod+98lm0aCye8=
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ef656fafb1f9238-FRA
expires
Tue, 22 Mar 2022 11:27:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:27:43 GMT
i.js
cm.mgid.com/ 		0
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1647862060627697654569
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ef656fb38d9926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame E2D8 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1647862060659459943485
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/gazetaexpress.com.1190148.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ef656fb690d926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
spt
tg1.aniview.com/api/adserver/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62275f105b58c742646fbf76&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1002277&AV_CDIM5=eb774259-a909-11ec-90ee-e43d1a2a96ea&AV_CDIM6=11
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.87.es6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2b4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea91033423ab4630ee6677425aac453d33ee2a31c12f19d24d8a081c0a22b03c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:27:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4611
Expires
Mon, 21 Mar 2022 11:32:41 GMT
player.js
player.aniview.com/script/6.1/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62275f105b58c742646fbf76&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1002277&AV_CDIM5=eb774259-a909-11ec-90ee-e43d1a2a96ea&AV_CDIM6=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2b4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
625d5045bbad85753d71af310f093afd66f84024777e2a6413cbd680429cd589

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduY_DInp5bOuDhm9XuxoVHsDfWI1MxWzCP7K0EU0NpWziVycqtlfGDZaZRHiEoMtGV7lNrFhzMUz3MuBIn-4jo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9411
last-modified
Tue, 15 Mar 2022 06:31:01 GMT
server
UploadServer
etag
"60628ffb0372df5b629246bd9c8c6ab9"
vary
Accept-Encoding
x-goog-hash
crc32c=pnoeTQ==, md5=YGKP+wNy31tikka9nIxquQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1647325860866945
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9411
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Mar 2022 11:32:41 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=59f9ead1073ef4627e1810fd&cid=62275ecce36d7d10c0062e14&cb=1647862061159&r=www.gazetaexpress.com&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&e=playerLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.209.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-209-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1002277&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22eb774259-a909-11ec-90ee-e43d1a2a96ea%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=8671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ef656fe8f6e9238-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AVmanager.js
player.aniview.com/script/6.1/ Frame 4D2C 		364 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2b4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
624bb529d39e9f16e1be8aaeb07645c36c9a44f32ed2cb8f48e08657b076e68c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvX_hutG41CYO-3GkD5Vsd4Vw50LSHkfEw71HeNtkLNRflm7_XKe_hoRQUEaivKcf6NQCBK_6GNAy50_957FMk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104648
last-modified
Thu, 17 Mar 2022 07:46:20 GMT
server
UploadServer
etag
"edfdc1c027f3005cf82800fd81f3275d"
vary
Accept-Encoding
x-goog-hash
crc32c=B5yC1g==, md5=7f3BwCfzAFz4KAD9gfMnXQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1647503180640239
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104648
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Mar 2022 11:32:41 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.gazetaexpress.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=eb774259-a909-11ec-90ee-e43d1a2a96ea&cd6=11&ic=0&tgt=0&app=&wi=409&he=230&test=&d36=6.2.6&apppkg=&fv=3&proto=https&pid=59f9ead1073ef4627e1810fd&cid=62275ecce36d7d10c0062e14&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&e=inventory&vi=0&cb=1647862061272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.209.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-209-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62275f105b58c742646fbf76&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1002277&AV_CDIM5=eb774259-a909-11ec-90ee-e43d1a2a96ea&AV_CDIM6=11&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&AV_CHANNELID=62275ecce36d7d10c0062e14&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gazetaexpress.com&AV_DADPOS=3&AV_TAG=62275f105b58c742646fbf76&AV_TEMPLATE=621dfaa1d69de723ea304de6&d36=6.2.6&responsive=1&sver=2&avtoken=61271&AV_WIDTH=409&AV_HEIGHT=230&AV_DNT=0&cb=1647862061300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.20.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-20-60.compute-1.amazonaws.com
Software
/
Resource Hash
de013991e72c88028913d98698f347f511d17b70fd86c75322f8c0ea52d8d476

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 09 Mar 2022 21:41:02 GMT
graphql
s333.adxpremium.services/ 		83 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash
6d971959dffab6299841ea510fcfd76adce0e5e77cce5676405f818a9bdd64a3

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
83
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetaexpress.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
date
Mon, 21 Mar 2022 11:27:42 GMT
content-length
0
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame E328 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c83f65eca82d2c5cf5dbcbfc755d5a1a5348761eac19194c8347012eafcf3285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
MiqbIIzyloqN_C4aSFToOZFpEz1qhxSy
content-encoding
gzip
etag
"e6692396713470d43fdc86d1ce67d3ab"
age
16
x-cache
HIT
content-length
20299
x-amz-id-2
qnz2dDvkbO7A/vxNQrnp98jYOXnA5SOw8x00/VdPAkxHm2M0f4u9VKusbLtjOYeeFkz2e211kGU=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 20 Mar 2022 12:58:21 GMT
server
AmazonS3
x-timer
S1647862062.091502,VS0,VE1
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
x-amz-request-id
VZ5TD242BYPEP6XC
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
35
x-cache-hits
1
/
projectagora-483829-hdb.adomik.com/ Frame 5665 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiOWE2NWNiZmMtOWQyNS00MjllLTg0NjYtZDY5MjhhN2E4M2RkIiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJJWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IlRSSVBMRUxJRlQifSx7ImJpZGRlciI6IkFQUE5FWFVTIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=9a65cbfc-9d25-429e-8466-d6928a7a83dd&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.147.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-147-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 21 Mar 2022 11:27:42 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/ Frame F115 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c83f65eca82d2c5cf5dbcbfc755d5a1a5348761eac19194c8347012eafcf3285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
MiqbIIzyloqN_C4aSFToOZFpEz1qhxSy
content-encoding
gzip
etag
"e6692396713470d43fdc86d1ce67d3ab"
age
16
x-cache
HIT
content-length
20299
x-amz-id-2
qnz2dDvkbO7A/vxNQrnp98jYOXnA5SOw8x00/VdPAkxHm2M0f4u9VKusbLtjOYeeFkz2e211kGU=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 20 Mar 2022 12:58:21 GMT
server
AmazonS3
x-timer
S1647862062.099338,VS0,VE0
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
x-amz-request-id
VZ5TD242BYPEP6XC
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
35
x-cache-hits
2
/
projectagora-483829-hdb.adomik.com/ Frame 2E1E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNWViNzU1YzMtMmUxOS00ZTExLTg2ODUtODAzYWJlMTViN2I4IiwiaG9zdG5hbWUiOiJ3d3cuZ2F6ZXRhZXhwcmVzcy5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJUUklQTEVMSUZUIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJDUklURU8ifSx7ImJpZGRlciI6IkNSSVRFTyJ9LHsiYmlkZGVyIjoiQ1JJVEVPIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiSVgifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=5eb755c3-2e19-4e11-8685-803abe15b7b8&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.147.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-147-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 21 Mar 2022 11:27:42 GMT
Server
nginx
impl.20220319-2-RELEASE.js
cdn.taboola.com/libtrc/ Frame E328 		621 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9cce687259803b513d2ea269400b8ef83a08d980d57721898f5e0b26f588daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
LThhP0TeUqvLXt9aD0JX4dZu2R0zmMed
content-encoding
br
etag
"11ae81f5b023e6400ecc9d0b627ab6b5"
age
25682
x-cache
HIT
content-length
131449
x-amz-id-2
xuvPcN0f8hsMsP6XHAm0THR1TAptFla3qJkViUClSjCuQ3M/l0jJgQOiQoUqOeGChnMxqnWKJ5E=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 20 Mar 2022 12:18:55 GMT
server
AmazonS3-br
x-timer
S1647862062.172841,VS0,VE0
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
x-amz-request-id
TD1CZRV2J04N7QG4
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
32790
impl.20220319-2-RELEASE.js
cdn.taboola.com/libtrc/ Frame F115 		621 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9cce687259803b513d2ea269400b8ef83a08d980d57721898f5e0b26f588daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
LThhP0TeUqvLXt9aD0JX4dZu2R0zmMed
content-encoding
br
etag
"11ae81f5b023e6400ecc9d0b627ab6b5"
age
25682
x-cache
HIT
content-length
131449
x-amz-id-2
xuvPcN0f8hsMsP6XHAm0THR1TAptFla3qJkViUClSjCuQ3M/l0jJgQOiQoUqOeGChnMxqnWKJ5E=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 20 Mar 2022 12:18:55 GMT
server
AmazonS3-br
x-timer
S1647862062.175165,VS0,VE0
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
x-amz-request-id
TD1CZRV2J04N7QG4
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
32791
json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame E328 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=11%3A27%3A41.550&lti=deflated&data=%7B%22id%22%3A385%2C%22ii%22%3A%22%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1647781094561%2C%22vi%22%3A1647862061548%2C%22cv%22%3A%2220220319-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%2C%22vpi%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D1%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d03630319b6f04fe02eec0e4bdde8e2fd620ab570ae105be45893e2c593e06d

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
149
date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
server
nginx
x-timer
S1647862062.236294,VS0,VE149
x-served-by
cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/ Frame F115 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/trc/3/json?tim=11%3A27%3A41.574&lti=deflated&data=%7B%22id%22%3A634%2C%22ii%22%3A%22%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1647781094561%2C%22vi%22%3A1647862061548%2C%22cv%22%3A%2220220319-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%2C%22vpi%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16604718%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fe-gjeni-dot-kafshen-ne-kete-fotografi%2CgazetaexpressDisplay-16604718%3Dthumbnails-a%3Aabp%3D1%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc1d9e9768dc2aac87ca93ca9d1ec82dfabf771df03e6636deb4e4972aa14dc5

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
109
date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
server
nginx
x-timer
S1647862062.258319,VS0,VE109
x-served-by
cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cookiesyncendpoint
sync.aniview.com/ Frame 83CA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D200%26key%3D%5BRX_UUI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D200%26key%3D%5B...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4048815948
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4048815948
  • https://sync.1rx.io/usersync/tradedesk/fff12db2-7d02-4752-a225-ce1bafbf9fe2
  • https://sync.targeting.unrulymedia.com/csync/RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=200&key=RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
0
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=200&key=RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.158.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-158-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-length
0

Redirect headers

server
Tengine
date
Mon, 21 Mar 2022 11:27:43 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=200&key=RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
etag
RXc3f5e66f533b4ac7b1d3da4e4fb1464a003
services
sync.technoratimedia.com/ Frame 81C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1647862062236-953919478774-005576-007-000170&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
nginx
date
Mon, 21 Mar 2022 11:27:42 GMT
access-control-allow-origin
https://www.gazetaexpress.com/
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
909919332
age
0
via
1.1 varnish
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B31F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=17617
expires
Mon, 21 Mar 2022 16:21:19 GMT
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame F1F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Mon, 21 Mar 2022 11:27:42 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
X-Sovrn-Pod
ad_ap4ams1
cookiesyncendpoint
sync.aniview.com/ Frame 4FB6
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=56&pid=59c9148628a0612da3689288&key=419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=56&pid=59c9148628a0612da3689288&key=419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.158.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-158-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-length
0

Redirect headers

location
https://sync.aniview.com/cookiesyncendpoint?auid=1647862062236-953919478774-005576-007-000170&biddername=56&pid=59c9148628a0612da3689288&key=419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
content-length
0
date
Mon, 21 Mar 2022 11:27:42 GMT
server
_
occ
ups.analytics.yahoo.com/ups/58543/ Frame 819E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age
0
server
ATS/9.1.0.33
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=1364&t=1647862062&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=409&he=230&app=&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&test=&aafaid=&proto=https&uid=1647862062236-953919478774-005576-007-000170&cha=0.05&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&d36=6.2.6&cb=93090903974&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=eb774259-a909-11ec-90ee-e43d1a2a96ea&cd6=11&d9=1000&d37=realtime&AV_WIDTH=409&AV_HEIGHT=230&nid=59f9ead1073ef4627e1810fd&ncid=62275ecce36d7d10c0062e14&e=request&cb=1647862061641&asid=622a1d32a6d5b742d87b76f5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.209.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-209-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
vpaid.impactify.media/ 		851 B
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.impactify.media/?appId=gazetaexpress.com&style=impact&cbb=7862061640
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
432df4694f253980a289d80298ba613964121aadb94c34ac585281f4858bc0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.gazetaexpress.com
date
Mon, 21 Mar 2022 11:27:42 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
851
content-type
text/xml; charset=utf8
userx.20220319-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F115 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220319-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ed4c8a8cbe31d3903b2903265b1b5df60688fb01475d5097e9bb942df8e078b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
n_pX6m1LUS0lkBZBEkRVgQcwtqg9PnE6
content-encoding
gzip
etag
"dd0f879c1435bf9eb579c7ad2dc4d0b1"
age
19
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
JBvgXsJiShLURWcpVCL/jOyuB65dZJE4NOZ6sU0N9P40deUKCUhNb96gUNCEb8twuBykl+Creac=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 20 Mar 2022 12:41:02 GMT
server
AmazonS3
x-timer
S1647862062.394827,VS0,VE0
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
x-amz-request-id
VJ0Q3GEHWTRBK48B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
14
userx.20220319-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame E328 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220319-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16604718/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ed4c8a8cbe31d3903b2903265b1b5df60688fb01475d5097e9bb942df8e078b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
n_pX6m1LUS0lkBZBEkRVgQcwtqg9PnE6
content-encoding
gzip
etag
"dd0f879c1435bf9eb579c7ad2dc4d0b1"
age
19
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
JBvgXsJiShLURWcpVCL/jOyuB65dZJE4NOZ6sU0N9P40deUKCUhNb96gUNCEb8twuBykl+Creac=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 20 Mar 2022 12:41:02 GMT
server
AmazonS3
x-timer
S1647862062.413806,VS0,VE0
date
Mon, 21 Mar 2022 11:27:42 GMT
vary
Accept-Encoding
x-amz-request-id
VJ0Q3GEHWTRBK48B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
15
fix-user-id
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame E328 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/fix-user-id?lti=deflated&ri=b01caa25b2d911c46623f67bfeb532e8&sd=v2_b60e34736f85df1abab7d447da7dfcab_ee746df9-9177-42d8-8426-12e73d9ec3b6-tuct931e6ae_1647862062_1647862062_CIi3jgYQwqxKGOyz7uH6LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&ui=ee746df9-9177-42d8-8426-12e73d9ec3b6-tuct931e6ae&pi=/e-gjeni-dot-kafshen-ne-kete-fotografi&wi=8369033718215143561&pt=text&vi=1647862061548&time=1647862061726&fromUser=6dda7849-896d-476c-a059-9c9a028ca3ab-tuct931e6ae&toUser=ee746df9-9177-42d8-8426-12e73d9ec3b6-tuct931e6ae&fromSD=v2_d22f77bc79042945a473ed375e3397ad_6dda7849-896d-476c-a059-9c9a028ca3ab-tuct931e6ae_1647862062_1647862062_CIi3jgYQwqxKGOyz7uH6LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&toSD=v2_b60e34736f85df1abab7d447da7dfcab_ee746df9-9177-42d8-8426-12e73d9ec3b6-tuct931e6ae_1647862062_1647862062_CIi3jgYQwqxKGOyz7uH6LyABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjb_5X0ga2ul6YBcAA&tim=11%3A27%3A41.726&id=4214&llvl=2&cv=20220319-2-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
via
1.1 varnish
server
nginx
x-timer
S1647862062.414801,VS0,VE9
x-served-by
cache-hhn4022-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
c
c.mgid.com/ 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=400|108|8|Oh3x5q7GS8zKlCYqWXahpVoWa0JDkup24uAuuSWEWCKuNl_ljf5gt2SSpjm3XDfr&fi=1&extjs=66044&cid=1190148&h2=CBvd3SiXK6CDlaashqQY2B-LAifAvcAwR1nWkedwnPI*&rid=eb776ad3-a909-11ec-b342-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=17fac3b9502960c3239&cbuster=1647862061734596783650&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
cc86ca5a-d753-45c7-beac-d3da397bf8e0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ef657021bc19238-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
c
c.mgid.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=3&v=400|108|8|CB1-_-RA6lYlcfEK8vW97Outzx0toTH5zh0Tp44kDnMxBrFp9AFlwh54woUYzPq5&fw=1&extjs=66044&cid=1190148&h2=CBvd3SiXK6CDlaashqQY2B-LAifAvcAwR1nWkedwnPI*&rid=eb776ad3-a909-11ec-b342-e43d1a2a53a0&tt=Direct&iv=11&pageImp=0&pvid=17fac3b9502960c3239&cbuster=1647862061734649198488&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
21630548-1a1e-4071-a9fa-fc4620778281
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ef657021bc29238-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
ricambi-stampante-1200x720.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.docbuy.it/wp-content/uploads/2018/01/ Frame F115 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.docbuy.it/wp-content/uploads/2018/01/ricambi-stampante-1200x720.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe0a12f50be33f9a0baec9ab32d31a115599d45942cbacc32bca3e98dcf559ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 21 Mar 2022 11:27:42 GMT
via
1.1 varnish, 1.1 varnish
age
328639
edge-cache-tag
528015449056860458914309601902514031128,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
528015449056860458914309601902514031128,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
483
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.docbuy.it/wp-content/uploads/2018/01/ricambi-stampante-1200x720.jpg
content-length
17560
x-request-id
e918087ca23d133cf6dfe5e7ba7154e9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 09 Mar 2022 21:25:13 GMT
server
nginx
x-timer
S1647862062.423726,VS0,VE1
etag
"8f8b089520f2d7f385ff2b8d6500cde9"
x-served-by
cache-wdc5531-WDC, cache-iad-kjyo7100104-IAD, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
cd3bacd4876d3e6e0f09abcc277472a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E328 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd3bacd4876d3e6e0f09abcc277472a8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
30b8d0bbd0e0ad5555a40f2eddd0e8ddf4f863f5c16367c9496a7cc6797e6f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 21 Mar 2022 11:27:42 GMT
via
1.1 varnish, 1.1 varnish
age
851455
edge-cache-tag
587567397553241663533271733998135972810,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
587567397553241663533271733998135972810,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
93
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd3bacd4876d3e6e0f09abcc277472a8.jpg
content-length
12924
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 11 Mar 2022 12:53:57 GMT
server
nginx
x-timer
S1647862062.427851,VS0,VE1
etag
"15fbda4695d12ca16ebd5dabd7bfbcfc"
x-served-by
cache-wdc5535-WDC, cache-iad-kjyo7100082-IAD, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
PugMaster
image6.pubmatic.com/AdServer/ Frame B31F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76263558&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647862062236-953919478774-005576-007-000170%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-length
0
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame F115 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=11%3A27%3A41.752&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8725&cv=20220319-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13655
debug
am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/ Frame E328 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gazetaexpress300x250hu-r16604718/log/2/debug?tim=11%3A27%3A41.757&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6052&cv=20220319-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13655
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=1364&t=1647862062&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=409&he=230&app=&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&test=&aafaid=&proto=https&uid=1647862062236-953919478774-005576-007-000170&cha=0.05&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&d36=6.2.6&cb=93090903974&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=eb774259-a909-11ec-90ee-e43d1a2a96ea&cd6=11&d9=1000&d37=realtime&AV_WIDTH=409&AV_HEIGHT=230&nid=59f9ead1073ef4627e1810fd&ncid=62275ecce36d7d10c0062e14&e=bid&cb=1647862061765&asid=622a1d32a6d5b742d87b76f5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.209.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-209-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ricambi-stampante-1200x720.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.docbuy.it/wp-content/uploads/2018/01/ Frame F115 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.docbuy.it/wp-content/uploads/2018/01/ricambi-stampante-1200x720.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe0a12f50be33f9a0baec9ab32d31a115599d45942cbacc32bca3e98dcf559ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 21 Mar 2022 11:27:42 GMT
via
1.1 varnish, 1.1 varnish
age
328639
edge-cache-tag
528015449056860458914309601902514031128,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
528015449056860458914309601902514031128,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
483
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.docbuy.it/wp-content/uploads/2018/01/ricambi-stampante-1200x720.jpg
content-length
17560
x-request-id
e918087ca23d133cf6dfe5e7ba7154e9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 09 Mar 2022 21:25:13 GMT
server
nginx
x-timer
S1647862062.466750,VS0,VE0
etag
"8f8b089520f2d7f385ff2b8d6500cde9"
x-served-by
cache-wdc5531-WDC, cache-iad-kjyo7100104-IAD, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
cd3bacd4876d3e6e0f09abcc277472a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E328 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd3bacd4876d3e6e0f09abcc277472a8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
30b8d0bbd0e0ad5555a40f2eddd0e8ddf4f863f5c16367c9496a7cc6797e6f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 21 Mar 2022 11:27:42 GMT
via
1.1 varnish, 1.1 varnish
age
851455
edge-cache-tag
587567397553241663533271733998135972810,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
587567397553241663533271733998135972810,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
93
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cd3bacd4876d3e6e0f09abcc277472a8.jpg
content-length
12924
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 11 Mar 2022 12:53:57 GMT
server
nginx
x-timer
S1647862062.467074,VS0,VE0
etag
"15fbda4695d12ca16ebd5dabd7bfbcfc"
x-served-by
cache-wdc5535-WDC, cache-iad-kjyo7100082-IAD, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
loader.js
ad.impactify.io/static/ad/vpaid/ Frame A3F5 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.io/static/ad/vpaid/loader.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b053dde159f22e07f8e61fb45db7f84b5a71824db82684c5a8f8313332c127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1358
x-amz-request-id
HXCRXDE5VDAFFRB6
x-amz-id-2
vV6aMncQPXAXw9lSHi0LCcR4HPl71YlEdenseq+rkMzokKKctXWp/pHEfa7yV7awcZo7EUMYEro=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"da7555fdf0391e91d6fba03a89461caa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
dWeqBcVwbtJqeIdgkzTGoK6Uo7hEQ.V6
cf-ray
6ef65702bbd49a05-FRA
expires
Mon, 21 Mar 2022 12:27:42 GMT
tag.js
ad.impactify.io/static/ad/v5-1.7.3/ Frame A3F5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.io/static/ad/v5-1.7.3/tag.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/vpaid/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
510176b9d8a0b82945b7bef32173f64c7e95580d03a9776dca69e5258b9b49c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
353
x-amz-request-id
4ESX5CRCCQM6DYC3
x-amz-id-2
8CorgC5T6mbwRRgeBelMuzNi1kOpIMpAcbNnXy3T2j/ZcVwFAlqp753W87alFItSpkA/sdITq4s=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"19f469a19b04cd39517920c9254cbbd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
YdDoVpa.SuNsPLRifZasRD03h8JXm2_S
cf-ray
6ef65702ec1e9a05-FRA
expires
Mon, 21 Mar 2022 12:27:42 GMT
screen.js
ad.impactify.io/static/ad/v5-1.7.3/ 		236 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08d78617316b2b9ed4a3726b8fb1e8d74162fcac6cfe467e767bd7eff138ae9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1648
x-amz-request-id
75V1R6YGYQRDSTW7
x-amz-id-2
veGzyyliAz7XCoB9Z4OlnHr2NDQ6aRfZvwT2K5T9Ra1zMa/Zfsbx33KPDAPNzd2LuNr8DW5KoCw=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"7fa312f400b87ea15d27e706509f3c88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
gq9lhPaidi2xEGNc3YugUyThxpO_Ee7V
cf-ray
6ef657031c6d9a05-FRA
expires
Mon, 21 Mar 2022 12:27:42 GMT
loader.json
dvr.impactify.io/gazetaexpress.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dvr.impactify.io/gazetaexpress.com/loader.json?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd71f94228b51de5b1745a8d35ef3b6700ded352aabfd412aaaad9d42e833b09

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
3403
content-type
application/json; charset=utf-8
x-amz-request-id
T7W5928596KW4M45
x-amz-id-2
o7ZW0Tumw2MPJ6m1qh43IwpzMMGe8fws/24LUXssbh/546W/eDl/H8tJwXYVRsMIJchz5j6JAjQ=
last-modified
Tue, 15 Mar 2022 13:01:02 GMT
server
cloudflare
etag
W/"1a5a07c098dcf39b9d021948458b312d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-language
en
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6ef657047ef65b4a-FRA
expires
Mon, 21 Mar 2022 11:57:42 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Mar 2022 11:27:42 GMT
ac
www8.smartadserver.com/ Frame 1649 		16 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=894934&insid=7517180&tmstp=113054117&out=js
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
cookie_sync.html
sonic.impactify.media/static/ Frame FF59 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
280b57a57e08af36875437fd24f32086a15be46cc6facb69cb6aa695eebc04db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

server
nginx/1.18.0
date
Mon, 21 Mar 2022 11:27:42 GMT
content-type
text/html; charset=utf-8
accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
last-modified
Mon, 21 Mar 2022 07:09:17 GMT
pragma
no-cache
vary
Accept-Encoding Origin
async_usersync.html
acdn.adnxs.com/dmp/ Frame 280C
Redirect Chain
  • https://ib.adnxs.com/async_usersync_file?gdpr=0
  • https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.83 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-83.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 22 Mar 2022 11:27:44 GMT
Date
Mon, 21 Mar 2022 11:27:42 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
nginx/1.21.3
Date
Mon, 21 Mar 2022 11:27:42 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Location
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
AN-X-Request-Uuid
a5347d00-1803-4455-85ac-a1ee79fce7ab
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
handcheck.png
pg.impactify.io/gazetaexpress.com/ 		95 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pg.impactify.io/gazetaexpress.com/handcheck.png?screen=inline&v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Mar 2022 11:06:43 GMT
server
cloudflare
age
1259
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
cf-ray
6ef65704fef69a05-FRA
expires
Mon, 21 Mar 2022 11:57:42 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0
  • https://sync.search.spotxchange.com/partner?source=176703&gdpr=0&__user_check__=1&sync_id=ec86c3a4-a909-11ec-98ff-1ac054420306
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESEGnXx8Vhs8sEsUI_Hrg2QpE&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=fff12db2-7d02-4752-a225-ce1bafbf9fe2&img=1
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=67be6238-612f-4700-8829-68c2920545ff&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=30&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=30&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=8459&uid=1915818441526398307&img=1
  • https://dsp.adfarm1.adition.com/cookie/?ssp=14&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7577&uid=7077513668928796827&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=&_test=YjhhLwAAA...
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjhhLwAAAt2b8AA-&img=1&gdpr=0&gdpr_consent=&_test=YjhhLwAAAt2b8AA-
  • https://pm.w55c.net/ping_match.gif?st=SPOTX&rurl=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6465%26uid%3D_wfivefivec_%26img%3D1&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=SPOTX&rurl=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6465%26uid%3D_wfivefivec_%26img%3D1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=6465&uid=CTuBb02F1Nwgco5&img=1&gdpr=0&gdpr_consent=
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6465&uid=CTuBb02F1Nwgco5&img=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:27:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
130
Connection
keep-alive
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:43 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://sync.search.spotxchange.com/partner?adv_id=6465&uid=CTuBb02F1Nwgco5&img=1&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:42 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1647862062870027-513
Expires
Mon, 21 Mar 2022 11:27:42 GMT
p-dGVNbBUC43xtN.gif
pixel.quantserve.com/pixel/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-dGVNbBUC43xtN.gif?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
hls.js@latest
cdn.jsdelivr.net/npm/ Frame 21F4 		315 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@latest
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7559
x-jsd-version
1.1.5
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4eb29-4v2sGw7mpSOmcj8olLhMCR3UuXM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ef657058b6b8fef-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 21F4 		371 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126232
x-xss-protection
0
expires
Mon, 21 Mar 2022 11:27:43 GMT
lib.js
ad.impactify.io/static/ad/v5-1.7.3/ Frame 21F4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.io/static/ad/v5-1.7.3/lib.js?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df6389112c769e2c4c7b4882b78a8cfaee2fa1d79bc7f033af872e4859e7ae5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1168
x-amz-request-id
68SNNANSAFYR9TCM
x-amz-id-2
W0XrQbnL+zEmfpLWiCw7dKp/0XPrx6GMjTs80eh6MyVUmoOjckA1KvGSikzdA8NlbyvUs+33OJo=
last-modified
Tue, 15 Mar 2022 09:09:15 GMT
server
cloudflare
etag
W/"266110367bf03c2588bb73480532da46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-version-id
zU9PA2V_Hl_5T1BzFMCrfV6a5prK0XGp
cf-ray
6ef657056f819a05-FRA
expires
Mon, 21 Mar 2022 12:27:42 GMT
adj
ad.360yield.com/ Frame 623A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ba6611b02eb043228924ead94a76557456e842dfcc03a286d6dba1f4d39c3a31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
content-length
982
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
gpt.js
www.googletagservices.com/tag/js/ Frame 8DDE 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c3ebcc76d438ea9300125bc48b3ab645d644a3634a7119034fb6867561cf23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27846
x-xss-protection
0
server
sffe
etag
"1164 / 371 of 1000 / last-modified: 1647852077"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:27:43 GMT
syncframe
gum.criteo.com/ Frame D2D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2270
date
Mon, 21 Mar 2022 11:27:42 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Mar 2022 11:27:43 GMT
cookie_sync
sonic.impactify.media/ Frame FF59 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sonic.impactify.media/cookie_sync
Requested by
Host: sonic.impactify.media
URL: https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a28a0728c160ca3d1a22ca3f2db52b18a581260578f008011b5bda4d64894005

Request headers

Referer
https://sonic.impactify.media/static/cookie_sync.html?gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
server
nginx/1.18.0
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonic.impactify.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1335
expires
0
beacon
ap.lijit.com/ Frame 9EC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13396601
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Mon, 21 Mar 2022 11:27:43 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod
ad_ap4ams1
check.html
biddr.brealtime.com/ Frame 2487 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Date
Mon, 21 Mar 2022 11:27:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2190
Expires
Mon, 21 Mar 2022 12:27:43 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ef6570698759122-FRA
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 8599 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/gazetaexpress.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 21 Mar 2022 11:27:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
setuid
sonic.impactify.media/ Frame FF59
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER...
  • https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=720bfe3d-9977-407c-a012-b029a874e3c2
0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=720bfe3d-9977-407c-a012-b029a874e3c2
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=720bfe3d-9977-407c-a012-b029a874e3c2
date
Mon, 21 Mar 2022 11:27:43 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
async_usersync
ib.adnxs.com/ Frame 280C 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:43 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
251a7e93-b7b1-4275-95e0-c6ae7334db3e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5665 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Mar 2022 11:27:43 GMT
moatad.js
z.moatads.com/improvedigitaldisplay945272226933/ Frame 623A 		300 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/improvedigitaldisplay945272226933/moatad.js
Requested by
Host: ad.360yield.com
URL: https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
38ce2a0502a4a32f4d0f5855152103292aed471d22a6812ca3971c860c0b637d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:18:09 GMT
server
AmazonS3
x-amz-request-id
TWNPT5YBSC5G43SY
etag
"7d10eda7522d3f6d0e5b3a25438c9a39"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19239
accept-ranges
bytes
content-length
104123
x-amz-id-2
gn2+0ez8X2wgYM9X0d3VP3ryxeQQHVGG1Ebu1c1Zfaj1hkm5tmdQWwjnmQFIKWTxFEJRUVua13Q=
imp_pixel
euw-ice.360yield.com/ Frame 623A 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw-ice.360yield.com/imp_pixel?ic=kH5GOAs3S42yxmuxCRQW16MgpkAdXSq7r2pdDvDpeNr25Gy3xk1qWlw5lOy6pzV2Kg00ovKka549tisYTbvts4VccPQBI9FlpGgveu.iBZgmp5UpU6SezJICiNed6nTXEQp.DwH3xaxyMrnfcsLNpxOWCGl0MEjMYaunOhXOkwGwLtzj0Otk14fR4QQYgupPdV7HN4x15DaQcTe8sHlsI4jmv6xGbUcrAN39cZITWeaPIcdyIantymW9Iuptljd2DYkBp90RmcsdUPfyS08mLhc.f0rjDcEmb9IGMADWV061XIkDHPm.E6KRh9rpWSJO-4WaWa1tiKbsnWT.XL48rl04-zS1RyS7je6qMZ2bSPtK1k6ng2JGZe9toRLWPK7ScpE.KnJp68EQKhBedl9pA7wtgAg.Y9bnjBwghIxEP67TfVKsrEEcb9aG.vF2b25J89dua9D3M.m9rPr9TgMShrXXvcuhF4031DFWu1Wi8BIRPw==
Requested by
Host: ad.360yield.com
URL: https://ad.360yield.com/adj?p=1134661&w=1&h=1&tz=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:27:43 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1x1.jpg
creative.360yield.com/file/852/ Frame 623A 		631 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative.360yield.com/file/852/1x1.jpg
Requested by
Host: www.gazetaexpress.com
URL: https://www.gazetaexpress.com/E-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c000:1:7eae:e800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 00:14:48 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
last-modified
Tue, 03 May 2011 14:24:12
server
Apache
age
558775
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-length
631
x-amz-cf-id
pHRU-JZDOtp-9bsBvs6F_SjpSKo9NKZO0dSm0INXL0TATQ35raAXFg==
sid
mug.criteo.com/ Frame D2D0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=sb7CxnxUZGFWdGF3VFF4MWlSeG9FYmpDN2lwZnJFV2JiTHNtMWJTcmFObGhXYjRtdEYrdWw2Zjk4R0lQeWR0MkNCTVJ6WnlFY2NhTUs1T3lYQlBGTHIvMG5kNDJHejZpUVJlazZreWg2VGNGL0o2akNJL3Z2S21KR1Myal...
446 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=sb7CxnxUZGFWdGF3VFF4MWlSeG9FYmpDN2lwZnJFV2JiTHNtMWJTcmFObGhXYjRtdEYrdWw2Zjk4R0lQeWR0MkNCTVJ6WnlFY2NhTUs1T3lYQlBGTHIvMG5kNDJHejZpUVJlazZreWg2VGNGL0o2akNJL3Z2S21KR1MyalFsNkd0alZnZnZJVXR1VmEwWDBNcDVCR2crVUtiRUppem1DSkliV0Vaby9oSjI0M2M1TVpTalJwbzVGY0h6by94U3lWcWsvUTdOMXBqN1BMd0NKdDZIQi9wa0tWTnhXSm9WUVpqOUNYOU5YUHZvK2pSN3A2NWJUV0x6d1pzYnIwNS91enRuN001a0MxaFpQdjBXdFdqa09vWWQrQUpsdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ae26e7bfd317b42785ff20621ecf30d7157d74a153453147a6ef09a561631fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4481
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=sb7CxnxUZGFWdGF3VFF4MWlSeG9FYmpDN2lwZnJFV2JiTHNtMWJTcmFObGhXYjRtdEYrdWw2Zjk4R0lQeWR0MkNCTVJ6WnlFY2NhTUs1T3lYQlBGTHIvMG5kNDJHejZpUVJlazZreWg2VGNGL0o2akNJL3Z2S21KR1MyalFsNkd0alZnZnZJVXR1VmEwWDBNcDVCR2crVUtiRUppem1DSkliV0Vaby9oSjI0M2M1TVpTalJwbzVGY0h6by94U3lWcWsvUTdOMXBqN1BMd0NKdDZIQi9wa0tWTnhXSm9WUVpqOUNYOU5YUHZvK2pSN3A2NWJUV0x6d1pzYnIwNS91enRuN001a0MxaFpQdjBXdFdqa09vWWQrQUpsdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2547
content-length
541
expires
0
pubads_impl_2022031502.js
securepubads.g.doubleclick.net/gpt/ Frame 8DDE 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
sffe /
Resource Hash
35e86b97fb421ee544819a0f6cfc4d551f8b232969cfe954f9e24d65c476005c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123779
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 17:39:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 09:25:50 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2E1E 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Mar 2022 11:27:43 GMT
usync.js
eus.rubiconproject.com/ Frame 8599 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4907760af17c4b36f1048917f2e15e03788bf704c615407ed44d427aaa64a542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:27:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:27:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85032
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 22 Mar 2022 11:04:55 GMT
syncframe
gum.criteo.com/ Frame 2A23 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gazetaexpress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
5299
date
Mon, 21 Mar 2022 11:27:43 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame CA86 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
400468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 21F4 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Mar 2022 11:27:43 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=IMPROVEDIGITALDISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=2&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1647862062624&de=950644680505&m=0&ar=359f21c1e97-clean&iw=00a5661&q=2&cb=0&ym=0&cu=1647862062624&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=165017%3A106800%3A286996%3A440522&zMoatSZ=1x1&zMoatReferrer=gazetaexpress.com&zMoatBundle=-&zMoatRTBADV=-&zMoatRTBCR=-&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&id=1&ii=4&bo=195514&bd=1134661&zMoatOrigSlicer1=195514&zMoatOrigSlicer2=1134661&zMoatDomain=gazetaexpress.com&zMoatSubdomain=gazetaexpress.com&gw=improvedigitaldisplay945272226933&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A610%3A635%3A2329%3A683&fs=197273&na=765345227&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 21 Mar 2022 11:27:43 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5952 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:34:53 GMT
setuid
sonic.impactify.media/ Frame FF59
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_con...
  • https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=7372757361876725560
0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=7372757361876725560
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&uid=7372757361876725560
date
Mon, 21 Mar 2022 11:27:42 GMT
content-length
0
integrator.js
adservice.google.de/adsid/ Frame 8DDE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8DDE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8DDE 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=126577344748398&correlator=690600974791335&eid=31064905%2C31064926%2C31065682&output=ldjh&gdfp_req=1&vrg=2022031502&ptt=17&impl=fifs&npa=1&iu_parts=1030700%2Cimpactify_cr&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=998304649&sfv=1-0-38&ecs=20220321&ists=1&fsapi=false&cust_params=Domain%3Dgazetaexpress.com&sc=1&cookie=ID%3Dcafa88ec65a05ae8-22bb87f262cd0091%3AT%3D1647862060%3ART%3D1647862060%3AS%3DALNI_Mbd-zBhDmRNC2cz8fJ-MxO2k1vRTg&cdm=www.gazetaexpress.com&abxe=1&dt=1647862062726&lmt=1647862062&dlt=1647862062251&idt=465&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&ucis=kz5jdctgpzeg&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&top=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1779063154.1647862059&ga_sid=1647862063&ga_hid=1643037499&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.201.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s01-in-f66.1e100.net
Software
cafe /
Resource Hash
a23874e64b8722f8ebb2736a93cffe32bbb8fcd238544c2dc4bf4037d0e0fb72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2218
x-xss-protection
0
google-lineitem-id
92106010
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138333222540
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8DDE 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c742c7c83b1527508a18b249a880611aa8837649d6ca3ba8803c01c6ede05ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10602
x-xss-protection
0
container.html
094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:27:43 GMT
expires
Tue, 21 Mar 2023 11:27:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
getfile.webm
cdn.impactify.media/medias/ Frame 21F4 		4 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.impactify.media/medias/getfile.webm?v=5r88
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/lib.js?v=5r88
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.88.7 , France, ASN16276 (OVH, FR),
Reverse DNS
cdn-eu-de-01.impactify.media
Software
nginx/1.18.0 /
Resource Hash
a517a5cad068fcbbb3e85ce19b890ba1917954d6c507596f05e6ef2e2c34cad0

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
last-modified
Wed, 01 Dec 2021 15:05:30 GMT
server
nginx/1.18.0
access-control-allow-origin
*
etag
"61a78f3a-110f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/webm
Content-Range
bytes 0-4366/4367
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
4367
setuid
px.ads.linkedin.com/ Frame 8599
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10MIUWN-1D-3B5L
0
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10MIUWN-1D-3B5L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E3A216B7B1924C84A3AE2DC90EADDC85 Ref B: FRAEDGE1207 Ref C: 2022-03-21T11:27:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXauMjwyNpDdacKAx8oAA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10MIUWN-1D-3B5L
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 8599 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 8599
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTUlVV04tMUQtM0I1TA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTUlVV04tMUQtM0I1TA==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTUlVV04tMUQtM0I1TA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8599
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NUh1u6_rpNsI_bCNnJ29-sn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1907570622096027611
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1907570622096027611
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Mon, 21 Mar 2022 11:27:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1907570622096027611
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 8599 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 8599
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP0pTebMBhm6QmGc3Ja7gew&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP0pTebMBhm6QmGc3Ja7gew&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP0pTebMBhm6QmGc3Ja7gew&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8599
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWIxYTNmODA2MzYyMThhYWUyOTMwNjhhOGJlNDUxMDBjMTViYWVhYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWIxYTNmODA2MzYyMThhYWUyOTMwNjhhOGJlNDUxMDBjMTViYWVhYg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWIxYTNmODA2MzYyMThhYWUyOTMwNjhhOGJlNDUxMDBjMTViYWVhYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8599
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QkI2mqZDSfGVSmBhwoMX-A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QkI2mqZDSfGVSmBhwoMX-A
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QkI2mqZDSfGVSmBhwoMX-A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ET1TJ7AXXDJG9BV0S77F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QkI2mqZDSfGVSmBhwoMX-A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame F115 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1647862063.461354,VS0,VE9
x-served-by
cache-hhn4022-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/ Frame E328 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16604718/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1647862063.461734,VS0,VE8
x-served-by
cache-hhn4022-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
sid
mug.criteo.com/ Frame 2A23
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gazetaexpress.com&sn=ChromeSyncframe&so=0&topUrl=www.gazetaexpress.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=YJId-3xmQ2pETmx5a0NFSEhyRVhvNHluT3VXMUlEUXFyWTZRd0Vuc1NGMFQyd09pUmNoQW5kaElTWGlFcTh5QWZwUnZtMGI0NFlGWVFDVHFvLzJiQm9PRXFISHFibkVETXNodmR4VTc0QUVWYk5rQy8xUkMvV1JKK29nK2...
433 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YJId-3xmQ2pETmx5a0NFSEhyRVhvNHluT3VXMUlEUXFyWTZRd0Vuc1NGMFQyd09pUmNoQW5kaElTWGlFcTh5QWZwUnZtMGI0NFlGWVFDVHFvLzJiQm9PRXFISHFibkVETXNodmR4VTc0QUVWYk5rQy8xUkMvV1JKK29nK2oyVUdxNVdVRXpGVlg1WlQzblVaK3NlTlFhWGttdU5NM2hRbEQzZjVKNEd6VzF6Tm90TVhreVNodFEvNzcvbGlzL0k4WDhHWExWS2MzcFRSWWdzSjhPdVVDNGhrMzFUTDQvdmo3OGxNYThjOXp6Ky9TOHVSZml2bFQ1c3kwdHlaV0oxZWVwU1NFdldKZDArTWx3dG1HZmRWZXdvOWtaUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8af0958c15a39f3f34f465fa9aae061527543b3aacfdec37491ff2376ffe985c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4983
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=YJId-3xmQ2pETmx5a0NFSEhyRVhvNHluT3VXMUlEUXFyWTZRd0Vuc1NGMFQyd09pUmNoQW5kaElTWGlFcTh5QWZwUnZtMGI0NFlGWVFDVHFvLzJiQm9PRXFISHFibkVETXNodmR4VTc0QUVWYk5rQy8xUkMvV1JKK29nK2oyVUdxNVdVRXpGVlg1WlQzblVaK3NlTlFhWGttdU5NM2hRbEQzZjVKNEd6VzF6Tm90TVhreVNodFEvNzcvbGlzL0k4WDhHWExWS2MzcFRSWWdzSjhPdVVDNGhrMzFUTDQvdmo3OGxNYThjOXp6Ky9TOHVSZml2bFQ1c3kwdHlaV0oxZWVwU1NFdldKZDArTWx3dG1HZmRWZXdvOWtaUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1793
content-length
541
expires
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame F115 		254 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
15197
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4022-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1647862063.477517,VS0,VE0
date
Mon, 21 Mar 2022 11:27:43 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
37
x-cache-hits
7120
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame E328 		254 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
15197
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4022-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1647862063.478157,VS0,VE0
date
Mon, 21 Mar 2022 11:27:43 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
37
x-cache-hits
7121
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8DDE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031502.js?cb=31065682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:27:43 GMT
setuid
sonic.impactify.media/ Frame FF59
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58539/occ?gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58539/occ?gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-kcYAmUNE2uG5RJDE6fD7VySI.0kQN5DKcFVg4H4-~A&gdpr=0&gdpr_consent=
0
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-kcYAmUNE2uG5RJDE6fD7VySI.0kQN5DKcFVg4H4-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=yahoo&uid=y-kcYAmUNE2uG5RJDE6fD7VySI.0kQN5DKcFVg4H4-~A&gdpr=0&gdpr_consent=
date
Mon, 21 Mar 2022 11:27:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
setuid
sonic.impactify.media/ Frame FF59
Redirect Chain
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58503/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPecef7b3f-a909-11ec-b5ae-065f72b997e2
  • https://sonic.impactify.media/setuid?bidder=verizon&uid=y-LO6GMQdE2uJ2tGPz4d2jQlSzNpBRAjn1~A~UPecef7b3f-a909-11ec-b5ae-065f72b997e2
0
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonic.impactify.media/setuid?bidder=verizon&uid=y-LO6GMQdE2uJ2tGPz4d2jQlSzNpBRAjn1~A~UPecef7b3f-a909-11ec-b5ae-065f72b997e2
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://sonic.impactify.media/setuid?bidder=verizon&uid=y-LO6GMQdE2uJ2tGPz4d2jQlSzNpBRAjn1~A~UPecef7b3f-a909-11ec-b5ae-065f72b997e2
date
Mon, 21 Mar 2022 11:27:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ptv
secure.adnxs.com/ Frame CA86 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=24569975&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:43 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
adbd1a2c-9392-45e6-94b3-6df8f0df5e29
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 472C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
af388d463945f3ea43916da9c5ff751c77922e83b47a80cdf89658788dd26278
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wLNvU5xhNkl12rJGG8eoNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:27:43 GMT
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wLNvU5xhNkl12rJGG8eoNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D71F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8B1C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb009fe8dad1eb552b652f7b43ce0e30537de5f7ffe761526aaa90ca2541480b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SS0E9buretYmk4RdjZXMOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:27:43 GMT
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-SS0E9buretYmk4RdjZXMOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync.php
pixel.rubiconproject.com/exchange/ Frame FF59 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-impactify&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
setuid
sonic.impactify.media/ Frame FF59
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsonic.impactify.media%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7972238201079767659
0
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7972238201079767659
Protocol
H2
Server
217.160.255.213 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonic.impactify.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:43 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
37647088-bc6d-4af4-96c8-5f10ca2b1887
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sonic.impactify.media/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=7972238201079767659
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame D71F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
89409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 472C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031502&jk=126577344748398&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031502&jk=3565077800031037&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 63FE 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
89409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=2&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fcore%2Fbridge3.505.0_en.html%23goog_1419786152&i=IMPROVEDIGITALDISPLAY1&ol=3525919755&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bp7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-UAUb5sLyVy50og%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&id=1&ii=4&f=0&j=&t=1647862062624&de=950644680505&cu=1647862062624&m=596&ar=359f21c1e97-clean&iw=00a5661&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5800&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A610%3A635%3A2329%3A683&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=113&cd=0&ah=113&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=165017%3A106800%3A286996%3A440522&bo=195514&bd=1134661&gw=improvedigitaldisplay945272226933&zMoatOrigSlicer1=195514&zMoatOrigSlicer2=1134661&zMoatDomain=gazetaexpress.com&zMoatSubdomain=gazetaexpress.com&zMoatSZ=1x1&zMoatReferrer=gazetaexpress.com&zMoatBundle=-&zMoatRTBADV=-&zMoatRTBCR=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1750746872&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 21 Mar 2022 11:27:43 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 63FE 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DTExFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D71F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q7M1vQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA86 		67 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&playerSize=640x360&zoneId=5672322&co=gazetaexpress.com&_fw_gdpr=0&loc=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:44 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1647862064044039-595
Expires
Mon, 21 Mar 2022 11:27:44 GMT
advast
ice.360yield.com/ Frame CA86 		27 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22734519&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 21 Mar 2022 11:27:44 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ac
www8.smartadserver.com/ Frame CA86 		129 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553659&fmtid=61987&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1647862063&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 280C 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:44 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
74d157db-face-4c37-9cac-9f6dec8dc7a0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame CA86 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=24569976&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:44 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
770b8e12-79c2-46db-a718-9b20b36409af
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame CA86 		27 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22734521&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 21 Mar 2022 11:27:44 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA86 		67 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&playerSize=640x360&zoneId=5672386&co=gazetaexpress.com&_fw_gdpr=0&loc=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:44 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1647862064151059-522
Expires
Mon, 21 Mar 2022 11:27:44 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cds-pips.js
cdn.taboola.com/scripts/ Frame F115 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1851
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4022-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1647862064.381386,VS0,VE0
date
Mon, 21 Mar 2022 11:27:44 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
4954
eid.js
cdn.taboola.com/scripts/ Frame F115 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
13639
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1647862064.381484,VS0,VE0
date
Mon, 21 Mar 2022 11:27:44 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
27383
cds-pips.js
cdn.taboola.com/scripts/ Frame E328 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1851
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
3ooERr0EdY38VCsujzdBLxFyMxxIwT9TvmjmUUsyE7y0ZsXAo3xsmgaOj6Q8i0uVgL3KsmWI/jru4l7xGcurVg==
x-served-by
cache-hhn4022-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1647862064.409932,VS0,VE0
date
Mon, 21 Mar 2022 11:27:44 GMT
vary
Accept-Encoding
x-amz-request-id
WS5T00GB0CFS2RGF
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
4955
eid.js
cdn.taboola.com/scripts/ Frame E328 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220319-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
13639
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
EwjnA1m7DFjnk4Q/HTHhIyhScuXOn45gr6W3OjlUeJRdijSn84zkGq2a9MhWZXCEkR6K5jj11w0=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1647862064.409999,VS0,VE0
date
Mon, 21 Mar 2022 11:27:44 GMT
vary
Accept-Encoding
x-amz-request-id
2NXV5CRDB1RZETY5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
27384
/
pips.taboola.com/ Frame F115 		64 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:44 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn4042-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
pips.taboola.com/ Frame E328 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:44 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn4042-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://www.gazetaexpress.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
ac
www8.smartadserver.com/ Frame CA86 		129 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553661&fmtid=67294&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1647862064&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:43 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
cds.taboola.com/ Frame F115 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=6dda7849-896d-476c-a059-9c9a028ca3ab-tuct931e6ae&uad=50188cba606965d44a4ee00eeb1e29a5b582c06a3e065dffbd0b29391d5a7497
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 21 Mar 2022 11:27:44 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame E328 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=ee746df9-9177-42d8-8426-12e73d9ec3b6-tuct931e6ae&uad=50188cba606965d44a4ee00eeb1e29a5b582c06a3e065dffbd0b29391d5a7497
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 21 Mar 2022 11:27:44 GMT
Cache-Control
no-store
Server
nginx
Connection
close
ptv
secure.adnxs.com/ Frame CA86 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=24569975&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:44 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
660f29b6-4441-45d6-9284-3cf767d63f0a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DDE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031502&jk=126577344748398&bg=!NjWlNXHNAAba2mK92to7ACkAdvg8WuYSGxlg4OdnbYG4xwif8hbaxxAI8f7f7cB3Cpj5h1f7txLaeAIAAAC_UgAAAAJoAQcKACC9DAA8AL01ZKR9m8a_BF1zLE68ZbKDI9qELNKTONl55pkDH32mX2VGUe0VNmV1KmOAxirbbyq9X3wSm2A1yoULWKpMuB_5fOuzIq6fNeulNUtcaou0rkXd7R8DBuxpsVmq1TCmqoOfV7QoB10JRCKW7I-CJyLlvis3qPxRUIdtp2z_tp75Yf99EZtAB2ObxTw8rAP9kryDdnvs_0By8FMdDsm5eWFSBreolvE8WFykx4seb_ibpQyeT8EThM_g9WIoUeA4iaYOUODa1A7F62w2arTXVl2ABzfWTEunqDRKTesVVNgL5MmgxlH2R4qQFa5663xN4xAAfvboIUhQ1-dFpryDRyW4mycRczs-iD018j-ZkJsrL-Vh359hlIBWARo-zt22d5rakelOixh_zzHpOwWG4DKX-Lzm7VrBME0-hIziPz8Drwq4j1FlUio2FmaXiI2Vwhw-xC4H6m2dnPusSiFtuCExztGw5ozJuNe-OrlCaGXQMECR2nlq3MTRtJfU_3HnT81_3sw5ofJiIypUkfbAc1u3Rp-pOx37KDw_py7bKmEZP8HPp168I8LAtG-UK9j5yMUJdE-osTuytVBS_Lqn6tp9I7EXs5v-QY8bqNbsyKrJxMrrIsu7dpE8I68BlR6o6eBVlReEoXIh_iriTbw97V4GBDGFH-PcPyHGK39qh01-6MWJkQy-MZiFNb5UmWR5rQTmIk_1q8UKcTH5BQuC3qPK00hrhZFUO9lPsDSOUnQBdmOFw0tnHEtJxcdygWOmYQ1idPdvAGGK2aLzE4gmupA0FqkLuetYCwpo2vadYS6PCwv93bE6RKjY5yfZUiIwdXAUE7hzSCRZcVbA4ITcuE69bqbAOcaW6ktK_1w0H8zigZyvFo0FcFvufQNncksfR3iDm8Q0Fzt9w6I9lP4hX5QmwZX3nPwgeGu79fhL9eYl646B9d3XYplQ3IzQiAR7lnex4iS2b101J44xvwUouU1KQoYiSe9LWd6mipRDQ-fICm9RQxDLLekbNb4kTVOCYoCNkVhtLPYKGuA0t7SruirDH_day4FC8PKoWfR9igVgQKgoT0UpCyeegJzWoBLo_ouiZzR9p-Bvx2kzG3U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031502&jk=3565077800031037&bg=!_f6l_rrNAAba2mK92to7ACkAdvg8WuPGpcdPX0yl-dMDXsktu326-fkc2B20byHvFOrLocpBKPlPIAIAAAC6UgAAAAJoAQcKAHOYBiV2-xCYICiohgveDxRYCluzWcmQ75L6sGr0HnKTQFNqTCYNygfcdp6YY8IjBFz4mEQ0QKeZvN4ErUE2TCufAQTMcUfRKN6WpGKIHuosurt0JjSkka8HCp_M1ZITYCyk1ZJJGhldlYBmtlBOvaGAzwpimQLpdy40aXOFKxwmlH5nqsce3iB-hqCsETHB2WhMVpQnzgOhVkAfSjZzNl7uxaF8gJT1dEkBh4uoGIUWXSNGonthKVbCDfN-Ry5eIjGN4mzYiBVp2u37xIZjNnPdhWQ_l8dmQPh8MseluY2Xo0D-9i3AmkO-8OtX1phzvcCWCnUG3xKmWlCtoRVRuwc0mZWf2uxIAoHCKE2J6TDYwwbrTKYRztpqdAYwDgA6G_BiEXTuvTSRqW0tthoOBGU_Xxyy8F1pIUsnWJfuNv9QxFzYBMPDsU45BdQAGccToq7_adp-rZ1ggoV-CH8PtR-d2kOIf__F5d_Vvlld6STsLrXZ8yQAitAK6KvO9gkeJfv38Jfvbx2RIREoqAC_E9ah3pybjcr3GFF9X8gVBPCEEH55NTXez7B6gsrIJJJbsXDYW9iqig2p1oYQUXCDNlNvJY-wQNg2UFdAlVVGBv6GrL_xYnZNdf-6iQO7UbIUGKVx2-FMyR6OMLDP7ETW4O5RhGAgAZNVyhzaSYZcl1GX6z3jVCugQ6Cei9vIquN4NjEUK183q_Wv5DR8PGuqfP6aWq-kRxScjA24OKRNL0DNlfU54o5-oQV9t_x-ruJf8JPbVo7PYP4unXBckoyWwa83V3tF1pahdm-5nGc9-PkNveMa2thv84r-f8kJPCeIHUh1bBez6dZLllq6sh5AfRcjL0DPU7rpnDgPnz3zM71y6npEDlIObAnJAbyKoqBJqNcWceZuYv1PlAxWPnTuGAjiXwo0WDCXuS5YbFNGP6DW2m1QLk8PDJx-79xdZWvKDD-ua6ujygVlyMPYq0sUz3Def3j2Ws0AsBuvzEpXrTeWvByyPwJ917vRjmNiFI4paziDkZVqxLhL2ETzueN46rH4HwAEgIdPD6PMRPk3MoEmlS3RQgbLrjqwIqTisXkgSOi5KQgg678EtBKgIIWS5-PL5nUn3T698GsAFejTlK1BKqtn4zFuZPEV5mWpFG3aDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA86 		67 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&playerSize=640x360&zoneId=5672322&co=gazetaexpress.com&_fw_gdpr=0&loc=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1647862064721067-388
Expires
Mon, 21 Mar 2022 11:27:45 GMT
advast
ice.360yield.com/ Frame CA86 		27 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22734519&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 21 Mar 2022 11:27:44 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ac
www8.smartadserver.com/ Frame CA86 		129 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553659&fmtid=61987&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1647862064&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:44 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 5665
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Mon, 21 Mar 2022 11:27:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 5665 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 5665
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU4MUVDMzYtODAyNC00MzdFLUE5NjItRkRGRTVBMzkwMjM3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 21 Mar 2022 11:27:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:301
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
u.openx.net/w/1.0/ Frame 2E1E 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 2E1E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDdEMjE0RUEtQ0EyMC00RUE0LTgwMTQtQTNDM0U4MTU1RDFF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 21 Mar 2022 11:27:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:441
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 2E1E
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Mon, 21 Mar 2022 11:27:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ptv
secure.adnxs.com/ Frame CA86 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=24569976&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
95ac5e47-d14a-4bef-bdff-0a45073e1987
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame CA86 		27 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22734521&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 21 Mar 2022 11:27:45 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA86 		67 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&playerSize=640x360&zoneId=5672386&co=gazetaexpress.com&_fw_gdpr=0&loc=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1647862065114012-579
Expires
Mon, 21 Mar 2022 11:27:45 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ac
www8.smartadserver.com/ Frame CA86 		129 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553661&fmtid=67294&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1647862065&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
ptv
secure.adnxs.com/ Frame CA86 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=24569975&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
192f7ad8-f8a8-42f6-8bff-df362f10503b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA86 		67 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&playerSize=640x360&zoneId=5672322&co=gazetaexpress.com&_fw_gdpr=0&loc=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1647862065712068-591
Expires
Mon, 21 Mar 2022 11:27:45 GMT
advast
ice.360yield.com/ Frame CA86 		27 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22734519&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 21 Mar 2022 11:27:45 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ac
www8.smartadserver.com/ Frame CA86 		129 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553659&fmtid=61987&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1647862065&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame CA86 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=24569976&referrer=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&vwidth=640&vheight=360vv=4&gdpr=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dbdee114-dfd1-4ed9-89d4-adb683a782de
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ Frame CA86 		27 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22734521&w=16&h=9&referrer=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 21 Mar 2022 11:27:45 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA86 		67 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&playerSize=640x360&zoneId=5672386&co=gazetaexpress.com&_fw_gdpr=0&loc=https%3A%2F%2Fwww.gazetaexpress.com&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.89.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:27:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1647862065862022-583
Expires
Mon, 21 Mar 2022 11:27:45 GMT
integrator.js
adservice.google.com/adsid/ Frame 21F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ac
www8.smartadserver.com/ Frame CA86 		129 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=497028&pgid=1553661&fmtid=67294&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1647862065&vpw=640&vph=360&pgDomain=https%3A%2F%2Fwww.gazetaexpress.com&gdpr=0&schain=1.0,1!impactify.io,2062,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		0
123 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/v5-1.7.3/screen.js?v=5r88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126232
x-xss-protection
0
expires
Mon, 21 Mar 2022 11:27:46 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.gazetaexpress.com&rs=www.gazetaexpress.com&sid=1364&t=1647862062&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=409&he=230&app=&AV_PUBLISHERID=59f9ead1073ef4627e1810fd&test=&aafaid=&proto=https&uid=1647862062236-953919478774-005576-007-000170&cha=0.05&stagid=62275f105b58c742646fbf76&stplid=621dfaa1d69de723ea304de6&d35=&d36=6.2.6&cb=93090903974&cd1=desktop&cd2=0&cd3=outstream&cd4=1002277&cd5=eb774259-a909-11ec-90ee-e43d1a2a96ea&cd6=11&d9=1000&d37=realtime&AV_WIDTH=409&AV_HEIGHT=230
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=59f9ead1073ef4627e1810fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.209.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-209-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetaexpress.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:27:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=21&q=0&yco=0&yt=0&xco=0&xt=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=2&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=IMPROVEDIGITALDISPLAY1&ol=3525919755&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bp7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-UAUb5sLyVy50og%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&id=1&ii=4&f=0&j=&t=1647862062624&de=950644680505&cu=1647862062624&m=4763&ar=359f21c1e97-clean&iw=00a5661&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5800&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A610%3A635%3A2329%3A683&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=1&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4234&cd=113&ah=4234&am=113&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=165017%3A106800%3A286996%3A440522&bo=195514&bd=1134661&gw=improvedigitaldisplay945272226933&zMoatOrigSlicer1=195514&zMoatOrigSlicer2=1134661&zMoatDomain=gazetaexpress.com&zMoatSubdomain=gazetaexpress.com&zMoatSZ=1x1&zMoatReferrer=gazetaexpress.com&zMoatBundle=-&zMoatRTBADV=-&zMoatRTBCR=-&hv=find%20iframe%20parent&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=621067819&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:27:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 21 Mar 2022 11:27:48 GMT

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 function| structuredClone object| oncontextlost object| oncontextrestored object| CloudflareApps string| GoogleAnalyticsObject function| ga object| _atrk_opts function| fbq function| _fbq object| _taboola object| teadsscript object| gjdmpInitializer object| gjdmp object| bisko object| googletag object| _wpemojiSettings undefined| $ function| jQuery function| previous function| next function| go_to_page function| previous_secondpag function| next_secondpag function| go_to_page_secondpag function| previous_search function| next_search function| go_to_page_search object| wp object| __CF$cv$params object| jQuery1124031070967194677324 number| windowWidth number| windowHeight object| teads object| TWAGORAINARTICLE string| reqCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| adUnits object| pbjs function| initAdserver function| pbjsChunk object| _pbjsGlobals object| Criteo object| TRC object| _tblConsole undefined| msg function| atrk boolean| _atrk_fired object| twemoji object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_image_requests boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| iFrameResize object| ProjectAgora number| max_priority object| _mgIntExchangeNews object| MarketGidInfC1002277 function| MarketGidCContextBlock1002277 function| MarketGidCMainBlock1002277 function| MarketGidCInternalExchangeBlock1002277 function| MarketGidCRejectBlock1002277 function| MarketGidCInternalExchangeLoggerBlock1002277 function| MarketGidCObserverBlock1002277 function| MarketGidCSendDimensionsBlock1002277 function| MarketGidCRtbBlock1002277 function| MarketGidCContentPreviewBlock1002277 function| MarketGidCResponsiveBlock1002277 boolean| mg_loaded_634059_1002277 object| MarketGidInfC1190148 function| MarketGidCContextBlock1190148 function| MarketGidCMainBlock1190148 function| MarketGidCInternalExchangeBlock1190148 function| MarketGidCRejectBlock1190148 function| MarketGidCInternalExchangeLoggerBlock1190148 function| MarketGidCObserverBlock1190148 function| MarketGidCSendDimensionsBlock1190148 function| MarketGidCRtbBlock1190148 function| MarketGidCContentPreviewBlock1190148 function| MarketGidCResponsiveBlock1190148 boolean| mg_loaded_634059_1190148 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| txt function| postscribe object| _mNDetails number| lnt_z object| onClickExcludes function| mgReject1002277 function| mgLoadAds1002277_07b59 function| MarketGidCReject1002277 function| MarketGidLoadGoods1002277_07b59 function| mgReject1214277 function| mgLoadAds1214277_07b59 function| MarketGidCReject1214277 function| MarketGidLoadGoods1214277_07b59 function| mgReject1190148 function| mgLoadAds1190148_098aa function| MarketGidCReject1190148 function| MarketGidLoadGoods1190148_098aa object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint634059 string| _mgPvid object| ADAGIO boolean| _mgPageView634059 object| _ADAGIO object| GoogleGcLKhOms boolean| i.js.loaded boolean| i-noref.js.loaded function| _mgLib1_11_87 function| _mgwqp object| aniplayerPos function| avPlayer object| storageAni number| taboola_view_id object| _mgwcapping boolean| _mgPageImp634059 object| _impactify_ object| _impactify_tags function| Ua object| $b function| ac number| Kc function| Jc function| Lc function| Mc function| Hd function| Id function| Jd undefined| impx_jQuery object| impx_jstz object| impxCom object| _impx_pconfig object| impactifyContentApi function| _imp_TslZFT_rmd_func object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| criteo_syncframe_state object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| closure_lm_774079 function| arrive function| unbindArrive function| leave function| unbindLeave

76 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhDwz-7h-i8=
www.gazetaexpress.com/ Name: uid
Value: M9JdEmI4YStBto+iAwvBAg==
.mgid.com/ Name: __cf_bm
Value: WYoe2TLqKOh3ZGp1ZPljBY7mrZemUx14T1lNvYqGgYA-1647862059-0-Ae065722B949DqakzcZlRewGRXyBHQFw7SwdyBJ4rRoIs3wYcP56Wtdw1BEBZZ9aewmGwxjIz7iWxozHG5qJpfo=
.gazetaexpress.com/ Name: __asc
Value: f4be21d517fac3b9059524be77a
.gazetaexpress.com/ Name: __auc
Value: f4be21d517fac3b9059524be77a
.gazetaexpress.com/ Name: _ga
Value: GA1.2.1779063154.1647862059
.gazetaexpress.com/ Name: _gid
Value: GA1.2.998334042.1647862059
.gazetaexpress.com/ Name: _gat
Value: 1
.rubiconproject.com/ Name: khaos
Value: L10MIUWN-1D-3B5L
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB28ue0q8lnZMD5APvdogVCbaTd6KyMQnat7y9GyzaExIQ+H1Iuo9wmGwakCsIM/rTg4q9skiIvoyj79QniQXr/UHBx5r9vc1LNDyByN2tHx0Q==
.gazetaexpress.com/ Name: _fbp
Value: fb.1.1647862059188.1794284168
.adnxs.com/ Name: uuid2
Value: 7972238201079767659
.doubleclick.net/ Name: IDE
Value: AHWqTUn4w2gYc3KNA3WL_x5hMDPOSeLPwnmHZ12rovN7aaA2JGEwTXaYpif0p-DgKT8
.gazetaexpress.com/ Name: __cf_bm
Value: 0m27G9CQjjY7JYjegbQt5eVaI56xaZZb8LrbDQ5ysnk-1647862060-0-AaAypfutNo8P1efFx+ae3YW93WPxMGS9rrUVZBVd5Br7Rl7LqGi1P4/EHcBILMLIIu8LkfhQVytXsbwV6KJv0OC2VaIUI/ckNHiUVEvewIhT1ErN400rEjL6ClE5BRT1RQ==
.gjirafa.com/ Name: __gjci
Value: 8b50e7c80f894c33af6fa7d8260b2b7e
.gjirafa.com/ Name: __gjbi
Value: 30e63f4964504848ae31450e7b08ac81
bisko.gjirafa.com/ Name: __session
Value: a9e14190e56649adbf9c1926fea0f198
.serv431.com/ Name: UUID
Value: 5c17252d-430a-503a-aa1b-f53663b785d9
.serv431.com/ Name: ucv
Value: 1460-DE-1647948460848-24--
.mgid.com/ Name: muidn
Value: m2lFtEvagfr4
servicer.mgid.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
www.gazetaexpress.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1002277%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647862060573%7D%2C%22C1190148%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647862060565%7D%7D
.aniview.com/ Name: aniC
Value: 1647862062236-953919478774-005576-007-000170
www.gazetaexpress.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dee746df9-9177-42d8-8426-12e73d9ec3b6-tuct931e6ae
.adsrvr.org/ Name: TDID
Value: fff12db2-7d02-4752-a225-ce1bafbf9fe2
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aniview.com/ Name: 2_C_56
Value: 419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
sync.aniview.com/ Name: 2_C_56
Value: 419fc5d4-ad0c-4ae2-b6ac-98725ac4b791
ads.stickyadstv.com/ Name: UID
Value: f5f8e145c71ff9889e53ab1c55e0ed84
ads.stickyadstv.com/ Name: sessionId
Value: 9b943da715c7d21663e90871a7ee87
.quantserve.com/ Name: mc
Value: 6238612e-e3a37-386ea-9cb8f
.spotxchange.com/ Name: audience
Value: ec86c36a-a909-11ec-98ff-1ac054420306
.criteo.com/ Name: uid
Value: 822fd546-711b-4be9-98f5-0f1eec763402
.360yield.com/ Name: tuuid_lu
Value: 1647862063
.360yield.com/ Name: tuuid
Value: 720bfe3d-9977-407c-a012-b029a874e3c2
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003%22%7D
.360yield.com/ Name: fh
Value: !1042_286996,1
sonic.impactify.media/ Name: SSCookie
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003%22%7D
.aniview.com/ Name: 2_C_200
Value: RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
sync.aniview.com/ Name: 2_C_200
Value: RX-c3f5e66f-533b-4ac7-b1d3-da4e4fb1464a-003
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwja4d_Bkc7FOhAFOAFaBXNwb3R4YAI.
.smartadserver.com/ Name: pid
Value: 7372757361876725560
.gazetaexpress.com/ Name: __gads
Value: ID=cafa88ec65a05ae8:T=1647862060:S=ALNI_MarD_b3QCibHfXGnNlS7QD44f7asw
.gazetaexpress.com/ Name: cto_bundle
Value: UWdY2V9EeGNLbERqMmxBVVppU0dLUUJZOVp6cmFJaDF2UHlnUEl2MSUyRk93anYlMkJLcmUlMkJIUU04Uk5QeG1wMXE4UXBkRXg1bDhZTVpZTlRLd2dleVlOJTJGVURVSUVjJTJGaDdLQ1BpZGRFSWhCQkxEc2paY0hkeEdIU0lUR2IxamtEZHpicVFsMlA5VG1jSm1GQWVxNkNmellUMWIxY2lBJTNEJTNE
.yahoo.com/ Name: A3
Value: d=AQABBC9hOGICEGeuXdio6655QZTHepnJje4FEgEBAQGyOWJCYgAAAAAA_eMAAA&S=AQAAAuXn5JBM0-SROhxG38YDvqU
.mathtag.com/ Name: uuid
Value: 67be6238-612f-4700-8829-68c2920545ff
.advertising.com/ Name: APID
Value: UPecef7b3f-a909-11ec-b5ae-065f72b997e2
.analytics.yahoo.com/ Name: IDSYNC
Value: "1963~23vn:1953~23vn"
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cc197ba2-b0e0-4945-87b5-dc2f0f050da8"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDc4NjIwNjM7MjswMjHwuwJk02lV/Tm4TGmZhaJ5f/zJoQxcg41MW7jlFXvOgQ==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2579:u=1:x=1:i=1647862063:t=1647948463:v=2:sig=AQFPkBYpVzqeEl2lQDmUYrM-qb7i04Y7"
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1915818441526398307
sonic.impactify.media/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI3OTcyMjM4MjAxMDc5NzY3NjU5IiwiZXhwaXJlcyI6IjIwMjItMDQtMDRUMTE6Mjc6NDMuODAzNjg1OTUzWiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiI3MjBiZmUzZC05OTc3LTQwN2MtYTAxMi1iMDI5YTg3NGUzYzIiLCJleHBpcmVzIjoiMjAyMi0wNC0wNFQxMToyNzo0My4yMjQzOTU1MDRaIn0sInNtYXJ0YWRzZXJ2ZXIiOnsidWlkIjoiNzM3Mjc1NzM2MTg3NjcyNTU2MCIsImV4cGlyZXMiOiIyMDIyLTA0LTA0VDExOjI3OjQzLjU3MjI0ODAyM1oifSwidmVyaXpvbiI6eyJ1aWQiOiJ5LUxPNkdNUWRFMnVKMnRHUHo0ZDJqUWxTek5wQlJBam4xfkF-VVBlY2VmN2IzZi1hOTA5LTExZWMtYjVhZS0wNjVmNzJiOTk3ZTIiLCJleHBpcmVzIjoiMjAyMi0wNC0wNFQxMToyNzo0My42ODk5NDQwNTZaIn0sInlhaG9vIjp7InVpZCI6Inkta2NZQW1VTkUydUc1UkpERTZmRDdWeVNJLjBrUU41REtjRlZnNEg0LX5BIiwiZXhwaXJlcyI6IjIwMjItMDQtMDRUMTE6Mjc6NDMuNjE4MjQ4MTcxWiJ9fSwiYmRheSI6IjIwMjItMDMtMjFUMTE6Mjc6NDMuMjI0MzczMTgxWiJ9
.adfarm1.adition.com/ Name: UserID1
Value: 7077513668928796827
.amazon-adsystem.com/ Name: ad-id
Value: Aw_gq6pO0UsIgBaF55MDHJE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YjhhLwAAAt2b8AA-
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjE3NjcwMyIsInNwIjo3LCJpIjp0cnVlLCJscCI6NjQ2NSwiZ2NzIjoiIiwicGwiOltdLCJzaWQiOiJlYzg2YzNhNC1hOTA5LTExZWMtOThmZi0xYWMwNTQ0MjAzMDYiLCJzb2wiOjcsInNsIjowfQ==
.w55c.net/ Name: wfivefivec
Value: CTuBb02F1Nwgco5
.w55c.net/ Name: matchspotx
Value: 5
.smartadserver.com/ Name: vs
Value: 497028=4847727
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311347762%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=160067658&lo=-415003147&lt=637834588641125506&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311347762%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
ads.stickyadstv.com/ Name: pxId
Value: 2898
.3lift.com/ Name: tluid
Value: 238313615281159216962
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E?)or_d$!A#FR.CK$wNya!tNhToz6xb)p
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1649030400%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D7D214EA-CA20-4EA4-8014-A3C3E8155D1E
.adnxs.com/ Name: icu
Value: ChgI7PpYEAoYASABKAEwq8LhkQY4AUABSAEKGAiFy14QChgBIAEoATCtwuGRBjgBQAFIAQoYCMqQfhAKGAYgBigGMLHC4ZEGOAZABkgGELHC4ZEGGAc.
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pi
Value: 156400:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2

2 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4665846415960239&output=html&adk=1812271804&adf=3025194257&lmt=1647862059&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gazetaexpress.com%2FE-GJENI-DOT-KAFSHEN-NE-KETE-FOTOGRAFI%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647862059157&bpp=3&bdt=761&idt=217&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3775885188004&frm=20&pv=2&ga_vid=1779063154.1647862059&ga_sid=1647862059&ga_hid=1283769315&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750774&oid=2&pvsid=3565077800031037&pem=468&tmod=471574597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

094bdc8b0e3d9c5d8cab1f5aa716a9a3.safeframe.googlesyndication.com
4c37076bfb3e48244d69a97e9ca495e5.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ad.360yield.com
ad.impactify.io
ads.projectagoraservices.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
aghtag.tech
agorahtag.tech
am-trc-events.taboola.com
ap.lijit.com
bidder.criteo.com
biddr.brealtime.com
bisko.gjirafa.com
c.mgid.com
c1.adform.net
cdn.adnxs.com
cdn.impactify.media
cdn.jsdelivr.net
cdn.mgid.com
cdn.projectagora-adtag-library.com
cdn.taboola.com
cds.taboola.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
contextual.media.net
creative.360yield.com
csync.loopme.me
d31qbv1cthcecs.cloudfront.net
dsp.adfarm1.adition.com
dvr.impactify.io
eb2.3lift.com
eus.rubiconproject.com
euw-ice.360yield.com
fastlane.rubiconproject.com
fra1-ib.adnxs.com
gjstatic.blob.core.windows.net
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
jsc.mgid.com
lg3.media.net
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pg.impactify.io
pips.taboola.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
px.ads.linkedin.com
px.moatads.com
qsearch-a.akamaihd.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
res-a.akamaihd.net
s-img.mgid.com
s.amazon-adsystem.com
s0.2mdn.net
s333.adxpremium.services
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
serv431.com
servicer.mgid.com
sonic.impactify.media
ssbsync-global.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.teads.tv
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
video-native.mgid.com
vpaid.impactify.media
warp.media.net
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www8.smartadserver.com
z.moatads.com
104.102.28.254
104.102.30.13
104.17.119.107
104.19.132.78
104.19.136.78
104.21.59.143
104.75.89.138
108.157.4.71
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.130
151.101.193.108
151.101.193.44
151.101.2.49
152.228.222.122
172.67.71.111
178.250.0.157
178.250.0.165
18.156.0.31
18.158.84.255
18.196.230.57
184.30.24.22
184.31.84.150
185.184.8.65
185.29.134.248
185.64.190.80
185.86.137.32
185.86.138.32
185.86.139.103
185.94.180.126
193.122.128.135
198.47.127.19
2.20.85.83
2.20.86.97
2.22.32.24
2.22.33.114
204.237.133.116
208.88.224.28
209.54.180.144
213.19.147.44
216.52.2.19
216.58.201.66
217.160.255.213
23.37.42.132
23.88.75.189
2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f
2600:9000:2156:c000:1:7eae:e800:93a1
2602:803:c004:200::140
2606:4700:20::681a:8a9
2606:4700:3031::ac43:81b0
2606:4700:3032::6815:4ae4
2606:4700:3036::6815:4f16
2606:4700::6810:5814
2606:4700::6812:f13
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2a00:1450:4001:803::2006
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba19
2a02:26f0:6c00::210:ba20
2a02:26f0:7100:2b4::2c79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42::300
2a05:d018:d29:3601:b883:24d:29e5:b600
3.120.46.78
3.217.20.60
3.33.220.150
34.251.6.15
35.244.159.8
35.244.174.68
37.157.3.29
37.157.4.25
37.252.173.215
37.252.173.27
37.252.173.62
44.196.209.25
51.195.88.7
52.200.158.235
52.209.147.3
52.239.139.164
52.58.249.203
54.230.111.31
69.173.144.138
69.173.144.165
69.192.161.54
76.223.111.18
8.28.7.82
85.114.159.118
92.123.194.180
92.123.224.108
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01280f764809c45ae35c6e5901cbb5e595980ae3449fc7c4aac54fd18602218b
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08b562cee19c4ff0e74eeb29a0b4f4013644c02f0cbc6ebf9f22a434cd527807
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0e4af100a42dd45aa66377c48b24edb4ddd16831513508917ec5e87e0ab98600
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bb1cef53ad81cc2bab8fb4d99f0d58dac161d1a3a270cf06f15d9db120365c
1226d853fbe4af06d354b96d46321b15e35344265b5fb422424614c085db52bf
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1bf5ec97a26ec5291f86b864fe727de79accd6c0bd484ff3dfe75e74cf3289a6
1ed4c8a8cbe31d3903b2903265b1b5df60688fb01475d5097e9bb942df8e078b
1ed7d434cc3f89a09a5fb5385a44b646a302cc0e7f4a09f84f55dfeb14d1f100
1efe00e19de8c2bd26a211fa57a47790b7648453a80a02d0e31f15a5df880175
202b60c49aaffc7e0f217e44c76e1294a5ddb44cfd09d3dd4b3f6fd3b2361f01
2081dfb8191bbab57d1e8ebbe360b7d1f0ea2f34010003518679e2dbeecdf974
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
23f777f68e14aa6ea3ee3696ef90d3fa97124e8a1b4b3240d93c0528676e3d1d
257a4584294f6aa97aeb3e9c8ddfdef3892ca1b3530213f80a2b431f0da20159
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
279bab9c940a48b6220772a720b2e044ebf9341a62132bc9c66178fa73272710
280b57a57e08af36875437fd24f32086a15be46cc6facb69cb6aa695eebc04db
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
295b94c8868dd933abc89f983e2dbe39ca4596290c5bd309ebbcdcd9cb089653
30b8d0bbd0e0ad5555a40f2eddd0e8ddf4f863f5c16367c9496a7cc6797e6f73
31dba1aec81e6b14d4ba4c8ff7974e33f480719a71ea60d42361c49b59c0a2d3
327f60006e399d96d711bc4bc9b08b12cdd2f0a600a3c26edde260b30aa3e6b1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
35e86b97fb421ee544819a0f6cfc4d551f8b232969cfe954f9e24d65c476005c
36234dfc3643d15135aa25829d06d32fc1a843e9bec39b64ca0ffec08eac4a45
374185e53bbef45445536ca0bec29e8ee94dd9c3ef96914dfa69a13447964ca9
38ce2a0502a4a32f4d0f5855152103292aed471d22a6812ca3971c860c0b637d
38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e7dc00ef44abc8c07dc85cbe8d9737813f68f39ccadfd7e992a26d9cbdbf8d5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee01bd79e58c77dc4276a96fa5dcbe396c024538353c216894c5d6abcf2b6e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432df4694f253980a289d80298ba613964121aadb94c34ac585281f4858bc0d9
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4907760af17c4b36f1048917f2e15e03788bf704c615407ed44d427aaa64a542
4c7b3b636537acb37a809f994c0248b60ada03bbf85fc42eedd74033e859a056
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd0fe7368fdf78515eb056494df05bd40a1ca31cb0c963276f4d17b98a6bdb2
4fd7e4addfa6af607117bf218a0bee89074525db02f98b9389efa3cd8e6d1b84
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
510176b9d8a0b82945b7bef32173f64c7e95580d03a9776dca69e5258b9b49c3
512d9b1a8a4ddb1408d77d7becbc595324b345c8ff05bde3aebbc551df147e02
533082022bc927661c3e1117efd56ad87697ebf11b5e798341a2639f306a3c86
5354c51cb516562bde470821c3df125e01152fe47296eefd57e9bccbd7c264fe
536bb1cf7e5e542325a3d7fbcd156fa3c495c47550b7709bd1962b02af0b3188
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
58d5dd78af31fedc394fc1576004d11f96384907eaffd5260382daeefe8dccb3
59e79f843c28715c8e4b88d1284926d317eb4582fbf2c9baba3f6ab7cd1da9a3
5bfc9d681398233b7ea9d711c1c7c13bfff2e0333451c4d2bad846fc8ccd73d6
5ca2017d7e15a2c4ca793a50067e3acb862d487a03b734ffa86d8bd905752afc
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f7ef35bdb15376d58e3ea16190d1d92a0379ae2f5b0b0108d393369dd09ed4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624bb529d39e9f16e1be8aaeb07645c36c9a44f32ed2cb8f48e08657b076e68c
625d5045bbad85753d71af310f093afd66f84024777e2a6413cbd680429cd589
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
658c14d9b1f327a4c44cc3295d08584eada1e2d086497f748ad972799f4e4fc5
68af5a6a7edf22605e596cf869c1b11c44d23efa73926e035b3cd0ce393e842d
68c70eb2a90453358de183b08add26d04b62231a46fa877a4e5fa1cb55ffc958
6be4aeb8ab5cffa42a0f0ad08a780289db5dd6d9d72ca1d0d8c83f3590b50901
6d971959dffab6299841ea510fcfd76adce0e5e77cce5676405f818a9bdd64a3
6e703e24ff02d7634580dcbf9287f9a7d46f79320c093d8d3756fde6136f81cb
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
73c54a34a0b238e7adb8bd3e5fae3d5f20327c77969ee070eb984d2c48684fda
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
760042c74ca436460ec38ee573383b5eb120a272f56e2ed526a62b7757eacd22
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
7886da0394555f9f3eb5ca9929b622851c24c9667e3ab4b2fd26e5d9cfd3566b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
797bf07d2fc55e1e3f24b53da7c753b087e7bd7838dbdf404844f92afe29d33d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7df6389112c769e2c4c7b4882b78a8cfaee2fa1d79bc7f033af872e4859e7ae5
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80e757086664a81fc61bd6a84309abed0813e8077cc7bd3c1c5f76a4bb6bbc6e
82b053dde159f22e07f8e61fb45db7f84b5a71824db82684c5a8f8313332c127
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86960b92c227276b7ece5da51dad789ec45424f1294bc5884cacaca7d44cc595
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
87d1242d49ac617a8760c1c186770b83f96d6e74bea8a894681796348d30dc8b
886271ffc64606748e51dea9c199b951574eeba56313bbcde9d50c45e8a701f4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af0958c15a39f3f34f465fa9aae061527543b3aacfdec37491ff2376ffe985c
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d03630319b6f04fe02eec0e4bdde8e2fd620ab570ae105be45893e2c593e06d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e700bddd1405ed9feb6cca2523254b13b0bc2191f0728170099746792e7caa8
8ef5d4b879cb1d35d7041ebb9a545462cd9a67e81cc42f7ace19a8aa2a73fb96
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94b23ccf71380978c139b27990f32f6986c492acbd78874b9b32127d756b3277
94e1e8b1bc385e4a69f5e2a249da03928ea193f2b2440bbed49d7c9e2cc4fdcd
9800465cae64bdf8617aaca614fe37e565cf5b9e577daedd111816175e406b04
9cbb9be7acdac8ad96d8419b8eb4e7120b05295a42d3c50919370d1fc83547dc
9dfec6c7e2254959d01350a2ea2f613ddaaf9e92249d7bb13b75b4dd0837c534
9f316916dad90f198dd2cdd847f6a0d7363027768049652afb7b80f35ac5c9ee
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23874e64b8722f8ebb2736a93cffe32bbb8fcd238544c2dc4bf4037d0e0fb72
a28a0728c160ca3d1a22ca3f2db52b18a581260578f008011b5bda4d64894005
a36d19fbe3e6775de15064aedfb6cd1d44f9f35b7ceb64cb780528454ee6f911
a37ec5ebcb374575dffe5995f8c24cecacd9f4deb5b5b40c1bf55bdc6c18c0a4
a3d4ccabfd7718a0c48ad7f1280cbc2d01a5f5a743cb6bc251031e290d118f65
a4a0fae02fb02c0c74199b9a289e461b16cb09e951578075fc09223ed8be8190
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b45d50995f4cc4d4d71101c4eacdb52685b1af9daf123b745929540f0dad45
a517a5cad068fcbbb3e85ce19b890ba1917954d6c507596f05e6ef2e2c34cad0
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a727002c49d08e8e8d85d449ffc2bb49e7708c3a8957800001a2a43e80aa5df1
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b6ce5bce35a38960eda5c669c47447957cf16042d21a91973f55393e5b3b55
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abad835a03a439b98f0e6af24ef9d2db7be144f266dbbe2f1c9b31c683baf6a0
ac7042cd4ac5cbd920f929f865ea2e46c238c6eeb4c67994f2de745f197fc0c9
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad8dc1681c0451d8590af4d2d08b7b16e4f6edf197f805929d6a85a2be1b622c
ae26e7bfd317b42785ff20621ecf30d7157d74a153453147a6ef09a561631fa6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af388d463945f3ea43916da9c5ff751c77922e83b47a80cdf89658788dd26278
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b08d78617316b2b9ed4a3726b8fb1e8d74162fcac6cfe467e767bd7eff138ae9
b1a2e5ffa0b16b7f55eba0ace46076a613f872f8844dcd9667dec900d5f27e46
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b3ede5c007b843287b8ffd0c398af54969710362e87a04e571f5e140ef2a35ee
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19
b84e1506c7ff3c439e323e7edbc44eb4a22db6ece5a1977c16162f7691e2ab0d
b9cce687259803b513d2ea269400b8ef83a08d980d57721898f5e0b26f588daf
ba6611b02eb043228924ead94a76557456e842dfcc03a286d6dba1f4d39c3a31
bb009fe8dad1eb552b652f7b43ce0e30537de5f7ffe761526aaa90ca2541480b
bc1d9e9768dc2aac87ca93ca9d1ec82dfabf771df03e6636deb4e4972aa14dc5
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
be1276b9fcc751ea3d53906870d6328216238d74a223806349150987dfc7a568
c17df0a4c6c50692dba8461e9c1e59b19f2c8d5ec06d07db0e4c51a8f66b56c4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31b2375744708f38933b2cb26263a36bb9c254ba30d3d669953136ffd70dbe5
c43bd887b1cdd61c63fc5d4545fe3e068b07863263ade81288070ad128f69bf4
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c742c7c83b1527508a18b249a880611aa8837649d6ca3ba8803c01c6ede05ff8
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c83f65eca82d2c5cf5dbcbfc755d5a1a5348761eac19194c8347012eafcf3285
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ce452421ffc53808c61795729eef02db9132d6d2cbc68198b158dce56b519272
cf0438843be74c022c91da132f1a42b34b9d581916dd7920a6ab4cb03ad5da81
cf0a680b3db78402b1968d02a73e5d14ddfbee11d87f60e9cd5ac7cf8c553676
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b8a7a342a97c83b3d9735d6e09d9b38d4139246d8d02c8f17098b4ecac72d3
d248bdf6a427b0b80c2681a3499f346c03af7421b9513ac81b30200506ca2c1b
d5c3ebcc76d438ea9300125bc48b3ab645d644a3634a7119034fb6867561cf23
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be
db0097a5999a246f3f5e0db4d07c0b8d4caeab7caf8b27a6c832e0469e17a8a7
dc6f9465b51ddd159e5268944a013f29114cde4d11265d63ebbca2ee91081f70
dd4deadc83c53fb31109d3c06d5598b236d4d0f1fb8b0908c9dc482da9803ffc
de013991e72c88028913d98698f347f511d17b70fd86c75322f8c0ea52d8d476
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8b437d60188c442585796d764a8553f266fa878437b96be8009a1642e6cf278
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9d72b87c82e8ab01c28ba5ae062e262989024409e634633148d33e0a3da4195
ea91033423ab4630ee6677425aac453d33ee2a31c12f19d24d8a081c0a22b03c
eabb217ce1c8a1710595df3dfbecc1c49a5e9130f9344e6938b23dd24a26d036
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee64c20b4e287d1b2fbfd074cf7ccc184f13453a1fca1cd0f09c95435c3287d8
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f30ed3586a10b8fa94e663755b7cffcfe52724ce775d8c2b576e42e152f29123
f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c
f370c1978c064ed715099f885066fa3d9dbe18cc821186883ff35782418ff565
f38119e974dd8ec8ab7400032ebc5e3be1f5c0f057ab43d95fb908f3a2412ddf
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6927908310a9d8ea2a4e5594452cefd9dc8c8aa71bf101c4d497964b16efedf
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fad256c668aa1eb51fa18a925e95273df342e46f3162de728123b4c1fb922b5e
fb0f534cbdc4f12e5ce356d330df1f9212dab3b9035f9ca084d6c54d5e7cd821
fc1c98b585058c74ff3f6a841129f139d9788d8c73b1a54a030189fbe83620bb
fcc16bf1238724eedd1638bf0937b691bb01d08e585ac5e1db274acb47147c5e
fd71f94228b51de5b1745a8d35ef3b6700ded352aabfd412aaaad9d42e833b09
fd857341e3bc19e8c375e272b2d0c5456d7e01f3f15329dd03bb9b3333e6fb32
fdb372202bc66c26ee022569b581c1fc70c5c7f60ac185815fc7378a0a03f071
fe0a12f50be33f9a0baec9ab32d31a115599d45942cbacc32bca3e98dcf559ea
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89