www.tuko.co.ke Open in urlscan Pro
95.101.54.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-...
Submission: On August 10 via manual (August 10th 2023, 5:20:29 am UTC) from GB — Scanned from GB

Summary HTTP 164 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 67 IPs in 10 countries across 44 domains to perform 164 HTTP transactions. The main IP is 95.101.54.139, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.tuko.co.ke. The Cisco Umbrella rank of the primary domain is 230959.
TLS certificate: Issued by R3 on June 8th 2023. Valid for: 3 months.

This is the only time www.tuko.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	95.101.54.139 95.101.54.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
11	23.48.23.28 23.48.23.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:211... 2600:9000:211e:e800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	116.203.211.129 116.203.211.129	24940 (HETZNER-AS) (HETZNER-AS)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.159.23.198 18.159.23.198	16509 (AMAZON-02) (AMAZON-02)
3	23.48.23.38 23.48.23.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2606:4700:303... 2606:4700:3034::6815:3534	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:9000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.169.42 52.219.169.42	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	54.231.169.9 54.231.169.9	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	188.40.114.52 188.40.114.52	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:8a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
2	18.197.82.230 18.197.82.230	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	206.189.203.95 206.189.203.95	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
17	3.64.70.217 3.64.70.217	16509 (AMAZON-02) (AMAZON-02)
2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.157.8.26 35.157.8.26	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2a04:4e42:8e:... 2a04:4e42:8e::159	54113 (FASTLY) (FASTLY)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.67.141.120 172.67.141.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.227.9.154 64.227.9.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
5	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 4	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
6 8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	34.241.158.58 34.241.158.58	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	() ()
3 4	34.235.212.6 34.235.212.6	() ()
3 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.139 69.173.144.139	() ()
4 4	69.173.144.165 69.173.144.165	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3601:68c4:160f:554f:e0aa	() ()
1	52.46.155.104 52.46.155.104	() ()
164	67

4 95.101.54.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-139.deploy.static.akamaitechnologies.com

www.tuko.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.48.23.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-28.deploy.static.akamaitechnologies.com

static-tuko.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211e:e800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.211.129 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.129.211.203.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.23.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-23-198.eu-central-1.compute.amazonaws.com

pixel.tuko.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.23.38 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-38.deploy.static.akamaitechnologies.com

netstorage-tuko.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:3534 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

n.mail-tuko.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.169.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

media-tuko.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.169.9 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

gmem-shared.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.40.114.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.114.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.82.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-82-230.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 206.189.203.95 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.64.70.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.8.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-8-26.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.141.120 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.9.154 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sync.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.126.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.158.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (None, )

ASN- ()

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.235.212.6 (None, ) 3 redirects

ASN- ()

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:68c4:160f:554f:e0aa (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.155.104 (None, )

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1307	3 KB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1053 syndication.twitter.com — Cisco Umbrella Rank: 1269	430 KB
14	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	160 KB
14	akamaized.net static-tuko.akamaized.net — Cisco Umbrella Rank: 404413 netstorage-tuko.akamaized.net — Cisco Umbrella Rank: 276468	221 KB
12	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 572 eus.rubiconproject.com — Cisco Umbrella Rank: 636 pixel.rubiconproject.com token.rubiconproject.com	20 KB
12	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 592 ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com — Cisco Umbrella Rank: 809 image2.pubmatic.com — Cisco Umbrella Rank: 938 simage2.pubmatic.com — Cisco Umbrella Rank: 786	26 KB
10	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 441 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1131 s.amazon-adsystem.com	67 KB
6	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 2411 apis.google.com — Cisco Umbrella Rank: 160 region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3	23 KB
6	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 19518 tt.onthe.io — Cisco Umbrella Rank: 15514	20 KB
6	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3448 test.cmp.quantcast.com — Cisco Umbrella Rank: 11235 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12852	154 KB
5	cootlogix.com exchange.cootlogix.com — Cisco Umbrella Rank: 9035 sync.cootlogix.com — Cisco Umbrella Rank: 2686	2 KB
5	tuko.co.ke www.tuko.co.ke — Cisco Umbrella Rank: 230959 pixel.tuko.co.ke — Cisco Umbrella Rank: 471902	35 KB
4	audrte.com 3 redirects a.audrte.com	3 KB
4	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 856	323 B
4	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3238	733 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	223 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	322 KB
3	adform.net 3 redirects dmp.adform.net c1.adform.net — Cisco Umbrella Rank: 604	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 23957 idsync.frontend.weborama.fr	897 B
3	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 2854 pbs.twimg.com — Cisco Umbrella Rank: 1072	106 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1373 contextual.media.net — Cisco Umbrella Rank: 649	26 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 772 dis.criteo.com — Cisco Umbrella Rank: 608	748 B
3	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 640 eb2.3lift.com — Cisco Umbrella Rank: 406	1 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3840 onesignal.com — Cisco Umbrella Rank: 1426	73 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	529 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4741	558 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	60 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	234 B
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 662	886 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 221	8 KB
2	amazonaws.com media-tuko.s3.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 532939 gmem-shared.s3.amazonaws.com — Cisco Umbrella Rank: 279330	27 KB
2	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1285 cms.quantserve.com — Cisco Umbrella Rank: 857	10 KB
2	mail-tuko.co.ke 1 redirects n.mail-tuko.co.ke — Cisco Umbrella Rank: 464101	1002 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	619 B
1	linkedin.com px.ads.linkedin.com	649 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 818	610 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 851	266 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 891	793 B
1	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 17445	1 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 709	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1242	633 B
0	emxdgt.com Failed hb.emxdgt.com Failed
164	44

	Domain	Requested by
17	btlr.sharethrough.com	static-tuko.akamaized.net
12	platform.twitter.com	www.tuko.co.ke platform.twitter.com
11	static-tuko.akamaized.net	www.tuko.co.ke
8	cm.g.doubleclick.net	6 redirects
5	image2.pubmatic.com	ads.pubmatic.com
5	tt.onthe.io	cdn.onthe.io
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	a.audrte.com	3 redirects
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com
4	exchange.cootlogix.com	static-tuko.akamaized.net
4	targeting.unrulymedia.com	static-tuko.akamaized.net
4	www.google.co.uk	www.tuko.co.ke
4	connect.facebook.net	www.tuko.co.ke connect.facebook.net
4	www.googletagmanager.com	www.tuko.co.ke www.googletagmanager.com
4	cmp.quantcast.com	www.tuko.co.ke cmp.quantcast.com
4	www.tuko.co.ke	static-tuko.akamaized.net
3	syndication.twitter.com	platform.twitter.com
3	www.google.com	1 redirects www.tuko.co.ke
3	netstorage-tuko.akamaized.net	www.tuko.co.ke
3	www.google-analytics.com	www.tuko.co.ke www.google-analytics.com
3	c.amazon-adsystem.com	www.tuko.co.ke c.amazon-adsystem.com
2	match.adsrvr.org
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	ads.pubmatic.com	static-tuko.akamaized.net
2	eus.rubiconproject.com	static-tuko.akamaized.net eus.rubiconproject.com
2	static.criteo.net	static-tuko.akamaized.net static.criteo.net
2	pbs.twimg.com
2	www.facebook.com	www.tuko.co.ke
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	htlb.casalemedia.com	static-tuko.akamaized.net
2	fastlane.rubiconproject.com	static-tuko.akamaized.net
2	hbopenbid.pubmatic.com	static-tuko.akamaized.net
2	ib.adnxs.com	static-tuko.akamaized.net
2	prebid.media.net	static-tuko.akamaized.net
2	bidder.criteo.com	static-tuko.akamaized.net
2	tlx.3lift.com	static-tuko.akamaized.net
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn.onesignal.com	static-tuko.akamaized.net cdn.onesignal.com
2	n.mail-tuko.co.ke	1 redirects www.tuko.co.ke
2	securepubads.g.doubleclick.net	www.tuko.co.ke securepubads.g.doubleclick.net
1	s.amazon-adsystem.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	simage2.pubmatic.com
1	um.simpli.fi
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr
1	sync.crwdcntrl.net
1	cms.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.cootlogix.com	static-tuko.akamaized.net
1	biddr.brealtime.com	static-tuko.akamaized.net
1	eb2.3lift.com	static-tuko.akamaized.net
1	contextual.media.net	static-tuko.akamaized.net
1	js-sec.indexww.com	static-tuko.akamaized.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	onesignal.com	cdn.onesignal.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	www.googleadservices.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	region1.analytics.google.com	www.googletagmanager.com
1	gmem-shared.s3.amazonaws.com	www.tuko.co.ke
1	apis.google.com	static-tuko.akamaized.net
1	media-tuko.s3.eu-central-1.amazonaws.com	www.tuko.co.ke
1	test.cmp.quantcast.com	cmp.quantcast.com
1	secure.quantserve.com	cmp.quantcast.com
1	ampcid.google.com	www.google-analytics.com
1	pixel.tuko.co.ke	www.tuko.co.ke
1	cdn.onthe.io	www.tuko.co.ke
0	hb.emxdgt.com Failed	static-tuko.akamaized.net
164	76

This site contains links to these domains. Also see Links.

Domain
bank.gov.ua
www.comebackalive.in.ua
policies.google.com
kiswahili.tuko.co.ke
www.facebook.com
twitter.com
www.patreon.com
www.threads.net
corp.tuko.co.ke
www.instagram.com
www.youtube.com
t.me
www.tiktok.com
www.linkedin.com
www.pinterest.com
mastodon.social
play.google.com

Subject Issuer	Validity	Valid
legit.ng R3	`2023-06-08` - `2023-09-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
cmp.quantcast.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.onthe.io Sectigo ECC Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-19` - `2023-08-17`	3 months	crt.sh
tuko.co.ke Amazon RSA 2048 M01	`2023-05-10` - `2024-06-08`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-14`	9 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.cootlogix.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-11-14`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2023-01-23` - `2024-02-24`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Frame ID: E5CEBA2A0158EDB018C5A8F14E18AC24
Requests: 125 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tuko.co.ke
Frame ID: 1ECF7D652FBFB60378189896D34E096F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Frame ID: 4B52AC22A1E1511A74D0F82267DE0ED4
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 511E19D9D3FB7437EA3FCFE389B7591D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BC841143620BAACF6FF16A12DFE40E59
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 28E63E8275364A511E5F46FF7C19DB92
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU1FDX19&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C2069%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C2040%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C2037%2C446%2C9%2C208%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C2047%2C337%2C338%2C459%2C77%2C38%2C182%2C141%2C262%2C186%2C461%2C222%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9C0ED9A7ACA627F8637B916F0E1D4DE9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 52264653E8E944C73A5D4B5F7F1732B5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689
Frame ID: D82235650FA382735487F64B075AE335
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 4DF8C5F234671F53CBBD6299BC316AA3
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3C7F7428542FE8998EA4D949B892BA1D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=47308351121490985
Frame ID: 07BE0C857D059E62BCEF33369C663F42
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 14364E4C88793F3C732E31768E96F8F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420504671003
Frame ID: EDF838FB26612CBA0DD9B26666BBC368
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 3FFD1E21C4F804B48604E99833399E17
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ
Frame ID: F324BCCB3126F0C309D75C55AEA7E405
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kenyan Civil Servants to Lose Allowances as Govt Seeks to Lower Ballooning Public Wage Bill - Tuko.co.ke

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

164
Requests

90 %
HTTPS

36 %
IPv6

44
Domains

76
Subdomains

67
IPs

10
Countries

2044 kB
Transfer

6481 kB
Size

50
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://bank.gov.ua/en/about/support-the-armed-forces
Title: National Bank of Ukraine

Search URL Search Domain Scan URL

URL: https://www.comebackalive.in.ua/donate
Title: “Come Back Alive” Charity

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://kiswahili.tuko.co.ke/
Title: Habari za Kenya Swahili

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F%3Futm_source%3Dfacebook%26utm_medium%3Dps

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F%3Futm_source%3Dtwitter%26utm_medium%3Dps

Search URL Search Domain Scan URL

URL: https://www.patreon.com/tuko
Title: Help us change more lives, join TUKO.co.ke’s Patreon programme.

Search URL Search Domain Scan URL

URL: https://www.threads.net/@tuko.co.ke?igshid=MzRlODBiNWFlZA==
Title: Threads

Search URL Search Domain Scan URL

URL: https://corp.tuko.co.ke/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://corp.tuko.co.ke/drive
Title: Tuko.co.ke Charity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tuko.co.ke
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tukoswahili/
Title: Facebook (Swahili)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tuko.co.ke/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/tukoke
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/tuko_co_ke
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/tuko_news
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@tuko_co_ke
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tuko-media-ltd/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/tuko_co_ke/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://mastodon.social/@tukocoke
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.insomnia.kenya.newsi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://n.mail-tuko.co.ke/online/26 HTTP 303
https://n.mail-tuko.co.ke/online/26?ar=1

Request Chain 106

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&label=8axxCPSwv8oDELfAzcID&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mHPUZLGxHJiU7_UP9MOpyAg&sscte=1&crd=&pscrd=Ek5DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUklsQUZWWm5HdGdDQkVJR2s0QTJPZmdlaTR1Y05uUW0xT3czc2F2Um0xSklJT1lVQmR0WmcaV0NoQUk4UExNcGdZUW1JS2g3ZUxLajZvWkVpMEFSaDUxZF9YSjB1OXhPVWV2eTctQmtVX0p6VkFTTmZyN29NclRLTzRhYmFvZ2FpSXRfdEVpa2VhZG9tTSITCLHd5Ias0YADFRjKuwgd9GEKiQ HTTP 302
https://www.google.com/pagead/1p-conversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&label=8axxCPSwv8oDELfAzcID&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUklsQUZWWm5HdGdDQkVJR2s0QTJPZmdlaTR1Y05uUW0xT3czc2F2Um0xSklJT1lVQmR0WmcaV0NoQUk4UExNcGdZUW1JS2g3ZUxLajZvWkVpMEFSaDUxZF9YSjB1OXhPVWV2eTctQmtVX0p6VkFTTmZyN29NclRLTzRhYmFvZ2FpSXRfdEVpa2VhZG9tTSITCLHd5Ias0YADFRjKuwgd9GEKiQ&is_vtc=1&ocp_id=mHPUZLGxHJiU7_UP9MOpyAg&cid=CAQSKQBpAlJWxFnQPEiqRkWaYlXdwtxlVj9j_lgPzMpqbMkAUdOCQGqanGZa&random=3218989954 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&label=8axxCPSwv8oDELfAzcID&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUklsQUZWWm5HdGdDQkVJR2s0QTJPZmdlaTR1Y05uUW0xT3czc2F2Um0xSklJT1lVQmR0WmcaV0NoQUk4UExNcGdZUW1JS2g3ZUxLajZvWkVpMEFSaDUxZF9YSjB1OXhPVWV2eTctQmtVX0p6VkFTTmZyN29NclRLTzRhYmFvZ2FpSXRfdEVpa2VhZG9tTSITCLHd5Ias0YADFRjKuwgd9GEKiQ&is_vtc=1&ocp_id=mHPUZLGxHJiU7_UP9MOpyAg&cid=CAQSKQBpAlJWxFnQPEiqRkWaYlXdwtxlVj9j_lgPzMpqbMkAUdOCQGqanGZa&random=3218989954&ipr=y

Request Chain 152

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=47308351121490985

Request Chain 154

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420504671003

Request Chain 155

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 156

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9guL909CSXmexzuoFNEuqQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 159

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2297212996 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9

Request Chain 160

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NDdiT2x1RzVwNGVTRXloNUEtTkxFRVllUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=6043210129849006797&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjYwQjhCRjctNEY0Mi00OTc5LTlFQzctM0JBODE0RDEyRUE5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAj5LZ2bbY_d0so2OEbXH-A&google_cver=1

Request Chain 164

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6043210129849006797

Request Chain 166

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LBiDuPOVSpSo2IRGCY4mqA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LBiDuPOVSpSo2IRGCY4mqA

Request Chain 167

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEw0UE5HRUYtUS0yUkI3 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEAPlaASvxj-oui66sUiAGw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0UE5HRUYtUS0yUkI3&google_push=

Request Chain 168

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL4PNGEF-Q-2RB7

Request Chain 170

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/vDxoQlikgQSWv_tM2DRYIA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xkTRwKFE2oK3wvfQXUPOH4PL2GzTq7D0asHQvQ--~A

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4yml7cwq1nHMWcyYp8g5E&google_cver=1

Request Chain 172

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzNDAyNTVmODVkOWYzZTYwMzkwYTBlMDIwNmUwMTY5NzczYTE2NA

164 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/ 188 KB
27 KB 346ms
146ms Document
text/html 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-139.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0ca1ad8580acd8a064d96850a1bf83fb88afa07fbcc030b21bac60d308476105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-encoding: br
content-length: 26511
content-type: text/html; charset=UTF-8
date: Thu, 10 Aug 2023 05:20:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 247 KB
60 KB 151ms
51ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de94949c7d97d6322aefd2235f2dd9fd774c5898999c1c3f4009a7f6651b0e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:15:19 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 21:08:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 305
etag: W/"76d91e3b322f3ab5a7d8def911f1eae3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: TzWsYoUy0zMZ7TDrBv3xtituwoJD1lkbRpxZ5Ku2ZxW7mj6gPFxdxQ==

GET
H2 200 prebid.js Show response
static-tuko.akamaized.net/tuko/js/ 339 KB
97 KB 189ms
46ms Script
application/javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/prebid.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a8cc5f41f9f5d38a3bcbfc0590af19c2afc2ebd3d8993e91e1eb4aab87569526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:31 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b997-54c8a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 99198
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 217ms
119ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

847d81f4c9cce3ffe3ab361db7862018e31e879c124d0bfd2316da05915dbdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
server: cafe
etag: 838 / 19579 / m202308030102 / config-hash: 16206296919883034907
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 05:20:23 GMT

GET
H2 200 post.8a38c590.css
static-tuko.akamaized.net/tuko/css/ 3 KB
1 KB 176ms
47ms Stylesheet
text/css 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/css/post.8a38c590.css

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a1d64e177dc7f958a334986c6847bfe06d6930f5bd6e39e425276f0da4624260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:31 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b997-da8"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 847
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 common.50030dd2.css
static-tuko.akamaized.net/tuko/css/ 13 KB
4 KB 172ms
44ms Stylesheet
text/css 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/css/common.50030dd2.css

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

908694b190a78f9e9c2bb33e8c830e8b5edf726a69884e492c5dfb9e712748d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:31 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b997-3230"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3480
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/BC5PEEEd0P8Nw/tuko.co.ke/ 7 KB
3 KB 150ms
45ms Script
application/javascript 2600:9000:211e:e800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/BC5PEEEd0P8Nw/tuko.co.ke/choice.js?tag_version=V2
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b65e440dc27ab3f385163a38531f881f09e8c2dc3681d919a32b20cca912a472

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:23 GMT
content-encoding: br
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified: Thu, 18 May 2023 14:39:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 15
x-amz-server-side-encryption: AES256
etag: W/"125612566cdd5d37259b1b4fb3ac8892"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DrpoOoVC5xIaDVGxJNI2eWVl-vrsnwiG7v-oO1SkN3AIrIX8jPBFtw==

GET
H2 200 runtime.6b29e467.js Show response
static-tuko.akamaized.net/tuko/js/ 4 KB
2 KB 173ms
48ms Script
application/x-javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/runtime.6b29e467.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6241d4e76c34503bce31b5bcb7a8080dbc4768cdbd3b0e693771c5a675fad974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:01 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b979-ec8"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 1810
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 critical.1196b8a1.js Show response
static-tuko.akamaized.net/tuko/js/ 148 KB
48 KB 170ms
45ms Script
application/x-javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/critical.1196b8a1.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d9d1fe771c5be455b790000e9f089e0e6c78f35f68c48435532df4b55aadc9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:01 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b979-24fbc"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 48934
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 monetization.cef91148.js Show response
static-tuko.akamaized.net/tuko/js/ 31 KB
8 KB 170ms
45ms Script
application/x-javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/monetization.cef91148.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6411d065980af42ee2b0c4a4d1171a02ac3d50c81a229a37b9515fb3a1a6e997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:49:46 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b96a-7abe"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 8004
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 common.3deddfdf.js Show response
static-tuko.akamaized.net/tuko/js/ 5 KB
2 KB 128ms
128ms Script
application/javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/common.3deddfdf.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1c641326878f3b554e62ed1366cebf5dd5ea61eedc64c24f7c4c4e01449e1619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:31 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b997-1415"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 1783
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 102ms
31ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 04:50:29 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1794
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 10 Aug 2023 06:50:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 220ms
125ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DE3P9N1NJZ

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ad15c30e818eb27d8e55f1f3baa606939fc4fe10029537e4565c783b169158a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 05:20:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
76 KB 147ms
52ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCZWZK3

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a116cff3e14e41b43a18324237c5b1ff11774f4831a34cc84618e5c4f35e543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77672
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Aug 2023 05:20:23 GMT

GET
H/1.1 200
OK y5ZMgLQlE6HV Show response
cdn.onthe.io/io.js/ 56 KB
18 KB 211ms
94ms Script
text/javascript 116.203.211.129
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 116.203.211.129 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.129.211.203.116.clients.your-server.de
Software: nginx /
Resource Hash: a8aa8c9c731fc7c2a9624e6759820f62f5224b3a428f6b73ef8950409598e646

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 07:45:18 GMT
Server: nginx
ETag: W/"60ebf30e-e12d"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 11 Aug 2023 05:20:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 132ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Aug 2023 05:20:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: lhS/jBBc0zAaQ43YeGDSINbK1W9Ll6EMgIUCoYunqzVMXasL21vG5GF8XBdBef8sLIEkcN/RbQ7XU3wSMbxYEw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo-header.svg
static-tuko.akamaized.net/tuko/img/ 6 KB
3 KB 145ms
48ms Image
image/svg+xml 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-tuko.akamaized.net/tuko/img/logo-header.svg

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

22bd9ac72a08b8d4b717ab01eb9baebb79f133863e7e8a89eb4c14e7ce47b1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:49:17 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:23 GMT
etag: W/"64c3b94d-18cf"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3003
expires: Sat, 10 Aug 2024 05:20:23 GMT

GET
H2 200 pixel.gif
pixel.tuko.co.ke/ 43 B
292 B 325ms
43ms Image
image/gif 18.159.23.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tuko.co.ke/pixel.gif?article_id=516971

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.23.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-23-198.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *, *

GET
H2 200 be3a5f039de74e23.png
netstorage-tuko.akamaized.net/images/ 27 KB
27 KB 198ms
74ms Image
image/webp 23.48.23.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/be3a5f039de74e23.png?imwidth=720
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-38.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1eeda331adaabeb323c1a5f6a7b71d916b67d536fad2352b6bedcb502825ec4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
last-modified: Wed, 09 Aug 2023 08:29:58 GMT
server: Akamai Image Manager
etag: "69cb3c4ca003e645a82db2ea56321027:1691567279.03518"
content-type: image/webp
cache-control: no-transform, max-age=31622400
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 27322
expires: Sat, 10 Aug 2024 05:20:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 234ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB9) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:24 GMT
Content-Encoding: gzip
Age: 1313
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (amb/6BB9)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 70b257f920f4df3d.png
netstorage-tuko.akamaized.net/images/ 2 KB
2 KB 74ms
72ms Image
image/avif 23.48.23.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/70b257f920f4df3d.png?impolicy=cropped-image&imwidth=360
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-38.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: aa3eed23ac3f18762417f3679e4b0fb75cc99dac217ef3c9566a1b4c41036d7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
last-modified: Wed, 09 Aug 2023 18:14:29 GMT
server: Akamai Image Manager
etag: "12a452e031ad3bfb1cfd92dc61ec5899:1691604057.518893"
content-type: image/avif
cache-control: no-transform, max-age=31622400
content-length: 1840
expires: Sat, 10 Aug 2024 05:20:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 199ms
134ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2329416018e9fb0d895b58d685446234d2068be2b35db7d5801b216597365735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 05:20:24 GMT
content-md5: Zt67wFJxDp+VSbvotbzxSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: WFidsro1seTEjfVaeLll7TmqwNVFv932EIVtG9HOigreN33tD7Os4VLt3mtt8UQR+Ks5b6GX0x0BJKexSI+5gg==
x-fb-content-md5: 1701a620b4a4fd812f4804d475d08f98
cross-origin-opener-policy: same-origin-allow-popups
etag: "a7e34bff8570349060db39f55cb57552"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Aug 2023 05:39:15 GMT

GET
H2 200 logo-footer.svg
static-tuko.akamaized.net/tuko/img/ 6 KB
3 KB 45ms
44ms Image
image/svg+xml 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-tuko.akamaized.net/tuko/img/logo-footer.svg

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

913038faf12b4c5bd581ff1bf0fb206084201012e2dfa9de4acdc0df58d33a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:31 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:24 GMT
etag: W/"64c3b997-18ce"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3002
expires: Sat, 10 Aug 2024 05:20:24 GMT

GET
H2

200

26
n.mail-tuko.co.ke/online/
Redirect Chain

https://n.mail-tuko.co.ke/online/26
https://n.mail-tuko.co.ke/online/26?ar=1

43 B
370 B

64ms
62ms

Image
image/gif

2606:4700:3034::6815:3534
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n.mail-tuko.co.ke/online/26?ar=1

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Server

2606:4700:3034::6815:3534 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aI9dKNEtCKMdEhN%2Bnb0nm%2Bt36g7zjmfKmwBLhPIS%2FbqU73YiGp2kT2XKO93voIz8sj04G4xO53pxTgv6VNzRB2QnKXk5mqAOilBvQSRcZx8dbvKofhXK6%2BVGhPxBjlH8sUvsbZfURfhn5GkSbk3hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-execution-time: 11
cache-control: public
cf-ray: 7f45ca175b4e76f3-LHR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OO%2F8fl342cOeegci%2B3C4DhD%2F6abexpapqIrYN%2FVrj3Tu0Fqc1XL1D4FwXiZxhTtjVeoOC%2Bs7Frb%2FZt6Z9cdMEUPtBac3D7iScJkkHyJMEKf8v1F3sP1v%2BhDn7nq%2BcJodB%2BCkk%2Fm1qpYe1cjblDjNIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://n.mail-tuko.co.ke/online/26?ar=1
x-execution-time: 13
cf-ray: 7f45ca168aa076f3-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 post.04e0dbb5.js Show response
static-tuko.akamaized.net/tuko/js/ 68 KB
15 KB 86ms
85ms Script
application/x-javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/post.04e0dbb5.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e7f85f9d4629c5cd9e1365d46ee5503721b7a8a5ba9f3860f9874324520f7ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:01 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:24 GMT
etag: W/"64c3b979-11142"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 15367
expires: Sat, 10 Aug 2024 05:20:24 GMT

GET
H2 200 email-subscription.dfa81a5e.js Show response
static-tuko.akamaized.net/tuko/js/ 10 KB
3 KB 85ms
84ms Script
application/x-javascript 23.48.23.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-tuko.akamaized.net/tuko/js/email-subscription.dfa81a5e.js

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

70edaf04105a6b7bc4630928f36683ed194b4de6590a275a14a54583c0efae81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 12:50:01 GMT
server: nginx
date: Thu, 10 Aug 2023 05:20:24 GMT
etag: W/"64c3b979-2899"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3211
expires: Sat, 10 Aug 2024 05:20:24 GMT

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c025d77b7cb11a9215c1aa24e804db0ad8ad847483df216d3a27d9a71a93018

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb7e7e8b3956c97d3df70e25cee2281c949014b84830ba47fde1e6d97a46a3b6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
368 B 188ms
52ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 167ms
44ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/BC5PEEEd0P8Nw/tuko.co.ke/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 17 Aug 2023 05:20:24 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
44 KB 48ms
48ms Script
text/javascript 2600:9000:211e:e800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tuko.co.ke
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/BC5PEEEd0P8Nw/tuko.co.ke/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 04:50:55 GMT
content-encoding: br
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 19 Jul 2023 15:20:42 GMT
server: AmazonS3
etag: W/"1746c81073fb3adcecce59e604b48427"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: TbmxV8rGZPetYil6UBtzhzJPSBilLdNowSmnGLLGBjMLze06IrbTxw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 134ms
44ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
date: Wed, 09 Aug 2023 18:42:55 GMT
x-amz-cf-pop: FRA2-C1
age: 83817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: z9ty3Wx6gnEjHS7xMZdThp3pyUoji95Ux7YeQuuKFFSz2mlFOmQ2wQ==

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21fe13207060c53a28649a537fcb7e735a5ae3ebd0aa2299ddc64d935471e603

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 920 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4737bdcd8bfdb5e74d6cf7e0131e29b4b683381b3e38fa44522e0c5d272f3bbe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 562 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d77bf1fa656f6d506f93fb527e7cb5848f27007db2a3aa70a2e6d42b4c92a327

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53e5619f35e8752aef5c8633fe76233670dffc63476606dad983ee4210a93114

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 746 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 136898fd12e441f6eb90f6bfe7a8aafbc98cc4cabef7d8fa937263bfdf7b8da3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 089134a2be00f82a5cc5dd22e8136652afda16503ed8232c8fdd7850fb96ddd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61aa480f3269aa57a5142db42baa6260758030a514c1198b5cc2adf2f6c6b2c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f6282c8d5ae3e3df85b6557998db6c3fc47ed29e9548137a22438647c67beb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 43ms
43ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tuko.co.ke&pubid=1e2a5982-651d-4e7a-a1d1-465985a0dfb0
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 02:32:36 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 10067
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.tuko.co.ke
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: -2BYsGKmS3rpp6tL8QmzRwp4wpf56EfmjsxinU7pJm012Bv7rejGNA==

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 148ms
43ms XHR
application/json 2600:9000:225e:9000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tuko.co.ke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 034459651dfe7dd9d35633ce1e7da053b4b385a896edfadb4998c34d929fbf8c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: sZOpapdV9juBv7KR_zAAJcZEP70BCQzW
content-encoding: br
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date: Tue, 08 Aug 2023 14:47:11 GMT
x-amz-cf-pop: FRA60-P4
age: 138794
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Jul 2023 19:52:29 GMT
server: AmazonS3
etag: W/"cc0351f16a68f48b69c6fad79669223f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: yrd9_hJfyqBHAqbZj9Ckd7_kUdA1ea05SV-8NT7fReBHi2QO8plqcQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 400 KB
127 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 23:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20660
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 08 Aug 2024 23:36:04 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 127ms
45ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/common.3deddfdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 432
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f45ca17390b76ed-LHR
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 05:20:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DE3P9N1NJZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCZWZK3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04efedf49d3739f642752ebbc8f58f9de46e7cade744cb630901403fcaa553e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 05:20:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944988215&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCZWZK3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2259be857507cd65e1a6d4db7a964e57f659c93f91e7f7e19763305121533ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72623
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Aug 2023 05:20:24 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e915fb00cca9176d6e368265b6bc139aaf5b0080f9c407f974daba6c3bdfbb3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 80x80.png
media-tuko.s3.eu-central-1.amazonaws.com/custom/awards/ 22 KB
22 KB 188ms
68ms Image
image/png 52.219.169.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-tuko.s3.eu-central-1.amazonaws.com/custom/awards/80x80.png
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.169.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18832be36bd90eb84d6120a0c192f3d734af4eb7795206ec1c33d03599c5274b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
x-amz-version-id: 7k4jchOS8H7Uikw3ag0y6O7lxITOzfg8
Last-Modified: Mon, 13 Sep 2021 11:22:18 GMT
Server: AmazonS3
x-amz-request-id: AMFJJEJPNJTYSNGS
ETag: "7480c01218f876dd1786317b8113aa76"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 22493
x-amz-id-2: haO91Vc7dfCutbBNOulCxDu4Lq3byzSnPqQ5VOiS0d+iVWjGFn+nqmrnW5FkBCcPYjl9u4odTqM=

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 149ms
52ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/common.3deddfdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 05:20:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22286
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "0b554ade65733cb8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 05:20:24 GMT

GET
H/1.1 200
OK desktop_270x80_270x80-01.svg
gmem-shared.s3.amazonaws.com/images/stopWar/ 4 KB
4 KB 391ms
134ms Image
image/svg+xml 54.231.169.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmem-shared.s3.amazonaws.com/images/stopWar/desktop_270x80_270x80-01.svg
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.169.9 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e6a6d9334308d2a6e01003501d6e226b64dc768cccb41af6f11025fad212919

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Last-Modified: Tue, 05 Apr 2022 11:46:36 GMT
Server: AmazonS3
x-amz-request-id: AMFKW5HPZWGGRHV6
ETag: "71185f3ba5936c6f35e839fb60617f33"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 3971
x-amz-id-2: 9bqqrAhgKE3WZhZXlNMnDIMgJUZFTWGzYGjtsHyQ0CvWl2WN4683fj+Mr5pyDJ4I52PxHp8kIOI=

GET
H2 200 / Show response
www.tuko.co.ke/ajax/article/516971/ 24 KB
6 KB 91ms
90ms Fetch
application/json 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuko.co.ke/ajax/article/516971/?

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/post.04e0dbb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-139.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c1724b369b2ecb52b206f12df7bfa89c989483f24165c4a6558ec0d006aceba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
date: Thu, 10 Aug 2023 05:20:24 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 6217
expires: Thu, 10 Aug 2023 05:20:24 GMT

GET
H2 200 / Show response
www.tuko.co.ke/ajax/recommendation/ 10 KB
2 KB 88ms
88ms Fetch
application/json 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuko.co.ke/ajax/recommendation/?visitor_id=02519d45-17b2-4f1c-b006-b98fde2a94e7&article_id=516971&limit=10

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/post.04e0dbb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-139.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5486a6b1c8a8d8b4365ddd68608784dac0f81899b943d75a4571d208add42240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
date: Thu, 10 Aug 2023 05:20:24 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 1650
expires: Thu, 10 Aug 2023 05:20:24 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 113ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DE3P9N1NJZ&gtm=45je3890&_p=175152708&_gaz=1&cid=1979494456.1691644824&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sid=1691644824&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&dt=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.is_evergreen=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DE3P9N1NJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 110ms
37ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DE3P9N1NJZ&cid=1979494456.1691644824&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DE3P9N1NJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 180ms
59ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DE3P9N1NJZ&cid=1979494456.1691644824&gtm=45je3890&aip=1&z=1903272733

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 393666e1a0288b12.jpg
netstorage-tuko.akamaized.net/images/ 5 KB
5 KB 54ms
52ms Image
image/avif 23.48.23.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netstorage-tuko.akamaized.net/images/393666e1a0288b12.jpg?impolicy=cropped-image&imwidth=256
Requested by: Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-38.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 408ebb88da146a461969d1348bafd662774f0070fde10bdb95289adbb41b1c46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
last-modified: Tue, 09 May 2023 11:38:45 GMT
x-serial: 1079
server: Akamai Image Manager
x-check-cacheable: YES
etag: "fbd710a0e8b03a0d6cc6b2eed9897411:1683037987.577746"
content-type: image/avif
cache-control: no-transform, max-age=31622400
content-length: 4676
expires: Sat, 10 Aug 2024 05:20:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 38ms
37ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=175152708&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&ul=en-us&de=UTF-8&dt=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABCAQCACAAI~&jid=643191486&gjid=295145947&cid=1979494456.1691644824&tid=UA-61484401-1&_gid=1301453258.1691644824&_slc=1&cd7=regular&cd5=Regular&z=691457704

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
352 B 92ms
36ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61484401-1&cid=1979494456.1691644824&jid=643191486&gjid=295145947&_gid=1301453258.1691644824&_u=YCDAgUABCAQCAGAAI~&z=1922266250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Aug 2023 05:20:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 37ms
37ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=175152708&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&ul=en-us&de=UTF-8&dt=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABCAQCAGAAI~&jid=1265460029&gjid=481674608&cid=1979494456.1691644824&tid=UA-90901011-1&_gid=1301453258.1691644824&_r=1&_slc=1&z=1255087991

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1691063087928925 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1691063087928925?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

072deaf24df2cb718800f876d9db7cb281c27932a8df7bb3a9737065c60e7329

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Aug 2023 05:20:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89077
x-xss-protection: 0
pragma: public
x-fb-debug: kyz9+4X3jaAvetHh8noU9+dynM+e7E+Ne0QBF3NV/1BZFEkpL5kQoXDOmHxEpIsq5NAO54mEhU1b6JBFvmzI8Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 159ms
47ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=3883:uniques_instantly[url:%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F,domain:www.tuko.co.ke,page:Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke,page_type:article,author:Wycliffe%20Musalia,category:BUSINESS%20AND%20ECONOMY,language:en,tag:dp-william-ruto-news,type_article:article,pub_date:Wed%2C%2009%20Aug%202023%2012%3A01%3A53%20%2B0300,reference_time:145,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36,device:desktop,browser_version:Chrome%20115,browser:Chrome,depth:1,user_type:new,user_id:b863698e6.036dc7484_1691644824225,session_id:89433c649.a38192535_1691644824226,cdn_version:82]&s=5d785ab6bc6a47ec1c1296ff05c4cce1&1691644824231
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:24 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 159ms
48ms Script
text/html 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=10&holding=e3155c435e925683dd022a3f2070aae6&hash_user=b863698e6.036dc7484_1691644824225&1691644824232
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:24 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 138ms
46ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=3883:visits_instantly[url:%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F,domain:www.tuko.co.ke,page:Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke,page_type:article,author:Wycliffe%20Musalia,category:BUSINESS%20AND%20ECONOMY,language:en,tag:dp-william-ruto-news,type_article:article,pub_date:Wed%2C%2009%20Aug%202023%2012%3A01%3A53%20%2B0300,reference_time:145,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36,device:desktop,browser_version:Chrome%20115,browser:Chrome,depth:1,user_type:new,user_id:b863698e6.036dc7484_1691644824225,session_id:89433c649.a38192535_1691644824226,cdn_version:82]&s=5d785ab6bc6a47ec1c1296ff05c4cce1&__io=b863698e6.036dc7484_1691644824225&1691644824285
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:24 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 148ms
49ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=3883:pageviews[url:%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F,domain:www.tuko.co.ke,page:Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke,page_type:article,author:Wycliffe%20Musalia,category:BUSINESS%20AND%20ECONOMY,language:en,tag:dp-william-ruto-news,type_article:article,pub_date:Wed%2C%2009%20Aug%202023%2012%3A01%3A53%20%2B0300,reference_time:145,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36,device:desktop,browser_version:Chrome%20115,browser:Chrome,depth:1,user_type:new,user_id:b863698e6.036dc7484_1691644824225,session_id:89433c649.a38192535_1691644824226,cdn_version:82]&s=5d785ab6bc6a47ec1c1296ff05c4cce1&1691644824290
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:24 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 90ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a9352b0e28857b94b216a51f6eec1799

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f71f85694575b5815148b49400bd1c405c5aa381a4cc7b64e3c10c74a6cb0d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tuko.co.ke/
Origin: https://www.tuko.co.ke
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 05:20:24 GMT
content-md5: B8ldQbC8DQEFzrhmcBVpcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88675
x-fb-debug: XHZV9ckq6TWOyvVi2KN4fcDXn9hY8JYXYn2vb0EfGhIag8yRhFc0tl5dClIuVLo8Cn/IX6nVqcfS0PPOcLli8A==
x-fb-content-md5: 118357f430b74b0b7342b76713215f4b
cross-origin-opener-policy: same-origin-allow-popups
etag: "91e291b2d182e90d11d16ba21c433102"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 09 Aug 2024 03:47:33 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/47/ 248 KB
61 KB 47ms
47ms Script
text/javascript 2600:9000:211e:e800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tuko.co.ke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 12:50:39 GMT
content-encoding: br
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 59386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 19 Jul 2023 15:20:10 GMT
server: AmazonS3
etag: W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: -kpHX3PB1rCBTxb9F5SqnIh145jYXqFwHAYLRG7i1XQOIUqx7nTh4A==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 358 KB
44 KB 137ms
48ms XHR
application/json 2600:9000:211e:e800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tuko.co.ke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cf74b82f5a4ffa0d9c4809d40c0dde44cc6ec8b3952acf697f435e6a4d90526

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 03:00:42 GMT
content-encoding: br
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8383
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Aug 2023 03:00:37 GMT
server: AmazonS3
etag: W/"a9e8c3c0f2738a6d8ba655178c0724ec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 75dLL7g36f8BxytQKMGWJ-4Va7KRP_85h9yqFeUGXbVyUCZYXNTjTw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 145ms
53ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61484401-1&cid=1979494456.1691644824&jid=643191486&_u=YCDAgUABCAQCAGAAI~&z=656965768

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 56ms
56ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61484401-1&cid=1979494456.1691644824&jid=643191486&_u=YCDAgUABCAQCAGAAI~&z=656965768

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-BC5PEEEd0P8Nw.js Show response
rules.quantcount.com/ 160 B
633 B 165ms
48ms Script
application/javascript 2600:9000:223c:8a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BC5PEEEd0P8Nw.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85371fd2a86e3a17ceeb89aaeac836e50249bfa3a2eea4070fa3af90d4721c17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 04:24:32 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:08:29 GMT
server: AmazonS3
etag: "b3827f3d45c14566f48026a10fdeabe2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ma9WHAcg939PeY3kgKxoX3HzpCBwYruRg2GzTOzNvaqtGwNM4R4Yjw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944988215/ 3 KB
2 KB 150ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944988215/?random=1691644824318&cv=11&fst=1691644824318&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944988215&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f85c4148b1b0146c68c5b9b63fa0df3a111008735c847db14d0f47a16fc96e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1440
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/944988215/ 3 KB
2 KB 165ms
54ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/944988215/?random=1691644824329&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&label=8axxCPSwv8oDELfAzcID&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944988215&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

5f1bf3a29d27e50d3cfd9a49d591811140a880c98453d29ebb14b932108c53a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1691
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 137ms
40ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tuko.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.tuko.co.ke
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 10 Aug 2023 05:20:24 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
591 B 442ms
328ms XHR
application/json 18.197.82.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&tmax=3000

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.197.82.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-82-230.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
162 B 367ms
294ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.tuko.co.ke
pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 185ms
73ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=56894139559&lsavail=0

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 64a528b9705ed487fcb95840 Show response
exchange.cootlogix.com/prebid/multi/ 0
285 B 344ms
109ms XHR
text/plain 206.189.203.95
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/64a528b9705ed487fcb95840
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.203.95 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

POST
H2 204 64a528b9705ed487fcb95840 Show response
exchange.cootlogix.com/prebid/multi/ 0
285 B 343ms
109ms XHR
text/plain 206.189.203.95
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/64a528b9705ed487fcb95840
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.203.95 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

POST
H2 204 64a528b9705ed487fcb95840 Show response
exchange.cootlogix.com/prebid/multi/ 0
286 B 343ms
108ms XHR
text/plain 206.189.203.95
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/64a528b9705ed487fcb95840
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.203.95 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

POST /
hb.emxdgt.com/ 0
0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 42 KB
10 KB 266ms
187ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU1FDX19
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6e9c3a1777e07f1f8d0f7a0826933232eef7a2d53fe44b7b9c96f76ffad2d401

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 10 Aug 2023 05:20:24 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 379 B
1 KB 368ms
261ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8514dc58c0854b71badb961e3843a4d6b2496e0f35ac00eef0b778146bdfc840

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
an-x-request-uuid: 0a3e8ecb-01d9-437f-a83a-f61a908704c4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.138.196.107; 217.138.196.107; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 379
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 191ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
6 KB 322ms
202ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24358&site_id=417296&zone_id=2356976%3B2356972%3B2356970&size_id=15%3B2%3B2&alt_size_ids=%3B55%2C58%3B55%2C58&rf=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&tg_i.domain=tuko.co.ke&tg_i.page=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&tg_i.pbadslot=%2F76590364%2FTuko_sidebar_in_article%3B%2F76590364%2Ftuko_01%3B%2F76590364%2Ftuko_universal_anchor&tk_flint=pbjs_lite_v7.54.4&x_source.tid=7233dd75-998f-4833-95f4-c47dda0e2a94%3B198da5a4-8402-403a-ac4c-f36059612fc2%3Bd4edd044-aded-4d33-859c-a16172bbf4bb&l_pb_bid_id=48ee3994f5a4046%3B49fa56a237fd62c%3B5092ac290d862b8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7233dd75-998f-4833-95f4-c47dda0e2a94%3B198da5a4-8402-403a-ac4c-f36059612fc2%3Bd4edd044-aded-4d33-859c-a16172bbf4bb&rp_maxbids=1&p_gpid=%2F76590364%2FTuko_sidebar_in_article%3B%2F76590364%2Ftuko_01%3B%2F76590364%2Ftuko_universal_anchor&slots=3&rand=0.5049983758467524
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae9c35c457d5528f3aca9ed29f0dced0d18505af5e9900ffc01d8ad5635f0c17

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 199ms
80ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 198ms
80ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 207ms
89ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 203ms
85ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 207ms
90ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 206ms
88ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 207ms
90ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 204ms
87ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 239ms
122ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 207ms
90ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 206ms
90ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 238ms
121ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 323ms
207ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:24 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
556 B 221ms
155ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=613968
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481040188ca3f67224826da94d3d246b127b0a0d037b05cbde94c6ed512d8afe

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT%2B07mmPFX%2B%2BOXH%2FhrBPHmpyOX2LQgb0vLB6b%2FRCCKdQIF%2Bnu3PJWlhn%2B8kna%2Boix4bjYCfHM6MaOQcxvd1%2FcgMURuh0QOfpX5GVN4ruhMchUheQciUw8AHxi9l2DKG%2BeyzmTkej"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7f45ca18e94e220a-MAN
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 211ms
77ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&pid=79K1n6CYUfYMz&cb=0&ws=1600x1200&v=23.803.1838&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1567091128530-0-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F76590364%2FTuko_sidebar_in_article%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1489748486636-0-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221000x90%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_01%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1489759964734-0-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221000x90%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_universal_anchor%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1489759421791-0-1%22%2C%22s%22%3A%5B%221x1%22%2C%22150x150%22%5D%2C%22sn%22%3A%22%2F76590364%2Ftuko_universal_nonstandard%22%7D%5D&pubid=1e2a5982-651d-4e7a-a1d1-465985a0dfb0&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: KHJDNKN7YED4J7YY60Q2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YNJjqwWGXfD1aPrWRjxIJAWDY5TnrQ4ESUQnlImBhffjZapsMwTmYA==

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 1ECF 320 KB
104 KB 51ms
51ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tuko.co.ke
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B94) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 626848
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Aug 2023 05:20:24 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B94)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 53ms
52ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 432
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f45ca18c9f076ed-LHR
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 05:20:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 137ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1691063087928925&ev=PageView&dl=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&rl=&if=false&ts=1691644824442&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.2.1691644824440.1490066586&it=1691644824218&coo=false&exp=a1&rqm=GET

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Aug 2023 05:20:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 156ms
43ms XHR
text/plain 35.157.8.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22BC5PEEEd0P8Nw%22%2C%22domain%22%3A%22www.tuko.co.ke%22%2C%22publisher%22%3A%22Tuko%20%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22x8nDFuES6SyaqEYZ%2Fu6LPA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1691644824463%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-40rwg8ukkcpdttseqx1r%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.8.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-8-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Aug 2023 05:20:24 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 48ms
48ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=336:uniques_holding&s=5d785ab6bc6a47ec1c1296ff05c4cce1&__io=b863698e6.036dc7484_1691644824225&1691644824525
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/y5ZMgLQlE6HV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:24 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1ECF 869 B
658 B 204ms
120ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7eb68561bfd1c512d2a985649d12d3dfcd3db103

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.tuko.co.ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 88
date: Thu, 10 Aug 2023 05:20:24 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 10 Aug 2023 05:20:24 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 5a021283767f3fae
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 500a5f8ef84bfbb0e5b524fdb3cd270b181a3ab5c7905807a9a1fd7d15219164
content-length: 337

GET
H2 200 /
www.google.com/pagead/1p-user-list/944988215/ 42 B
154 B 53ms
53ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944988215/?random=1691644824318&cv=11&fst=1691643600000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=639038423&rmt_tld=0&ipr=y

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/944988215/ 42 B
154 B 56ms
55ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/944988215/?random=1691644824318&cv=11&fst=1691643600000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=639038423&rmt_tld=1&ipr=y

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/944988215/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness...
https://www.google.co.uk/pagead/1p-conversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusine...

42 B
64 B

60ms
60ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&label=8axxCPSwv8oDELfAzcID&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUklsQUZWWm5HdGdDQkVJR2s0QTJPZmdlaTR1Y05uUW0xT3czc2F2Um0xSklJT1lVQmR0WmcaV0NoQUk4UExNcGdZUW1JS2g3ZUxLajZvWkVpMEFSaDUxZF9YSjB1OXhPVWV2eTctQmtVX0p6VkFTTmZyN29NclRLTzRhYmFvZ2FpSXRfdEVpa2VhZG9tTSITCLHd5Ias0YADFRjKuwgd9GEKiQ&is_vtc=1&ocp_id=mHPUZLGxHJiU7_UP9MOpyAg&cid=CAQSKQBpAlJWxFnQPEiqRkWaYlXdwtxlVj9j_lgPzMpqbMkAUdOCQGqanGZa&random=3218989954&ipr=y

Requested by

Host: www.tuko.co.ke
URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/pagead/1p-conversion/944988215/?random=2104774536&cv=11&fst=1691644824329&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&label=8axxCPSwv8oDELfAzcID&hn=www.googleadservices.com&frm=0&tiba=Kenyan%20Civil%20Servants%20to%20Lose%20Allowances%20as%20Govt%20Seeks%20to%20Lower%20Ballooning%20Public%20Wage%20Bill%20-%20Tuko.co.ke&us_privacy=error&auid=558993028.1691644824&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUklsQUZWWm5HdGdDQkVJR2s0QTJPZmdlaTR1Y05uUW0xT3czc2F2Um0xSklJT1lVQmR0WmcaV0NoQUk4UExNcGdZUW1JS2g3ZUxLajZvWkVpMEFSaDUxZF9YSjB1OXhPVWV2eTctQmtVX0p6VkFTTmZyN29NclRLTzRhYmFvZ2FpSXRfdEVpa2VhZG9tTSITCLHd5Ias0YADFRjKuwgd9GEKiQ&is_vtc=1&ocp_id=mHPUZLGxHJiU7_UP9MOpyAg&cid=CAQSKQBpAlJWxFnQPEiqRkWaYlXdwtxlVj9j_lgPzMpqbMkAUdOCQGqanGZa&random=3218989954&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/25e25a54-5759-4a92-9375-e0f74209e79b/ 5 KB
2 KB 57ms
43ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/25e25a54-5759-4a92-9375-e0f74209e79b/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ce24cfb350371ea90d41073635083820aebc8fcb4c2ede02d2f4dc4929a190

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1853
cf-polished: origSize=5138
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 353280b5-1614-473f-b234-299dcc3e7834
x-runtime: 0.034163
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"8164a3fab44c044c2ec2b8c818bb0dcb"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7f45ca19ea7e76ed-LHR
access-control-allow-headers: SDK-Version
expires: Thu, 10 Aug 2023 06:20:24 GMT

GET
H/1.1 200
OK tweet.b81b6d7af2d75db873cff6099e4f433a.js Show response
platform.twitter.com/js/ 8 KB
3 KB 49ms
49ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B82) /
Resource Hash: e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:24 GMT
Content-Encoding: gzip
Age: 626850
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2700
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (amb/6B82)
Etag: "09ec5707a836b9e4f4427dcddd1d0c64+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 4B52 345 B
918 B 51ms
51ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: a636d9148b1af206baeace1b74dd84119caf7dd2beba5d2729ed6b9105af8a71

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 178
Cache-Control: public, max-age=1800
Content-Length: 345
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Aug 2023 05:20:24 GMT
Etag: "c22df39fdae6fe0e58f08aaa0da97dfe"
Last-Modified: Wed, 02 Aug 2023 23:07:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B87)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK embed.runtime.f3e57ef931459836a2c7.js Show response
platform.twitter.com/embed/ Frame 4B52 9 KB
5 KB 50ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: 403205d0a016454706357a3324a6d7b6b1feef3df33abb94d6059c1c4424ba0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:24 GMT
Content-Encoding: gzip
Age: 626850
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 4231
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6BBC)
Etag: "936fc01c0d5bd839161d69c487ca4cb3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.8601.9934bea25cda9d7ebe46.js Show response
platform.twitter.com/embed/ Frame 4B52 488 KB
160 KB 101ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.8601.9934bea25cda9d7ebe46.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B96) /
Resource Hash: f1ae9c2026aa097e604015d4bd47dca4778ac704f883659be7b4b312be583342

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:24 GMT
Content-Encoding: gzip
Age: 609767
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 162750
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6B96)
Etag: "55504f1cfd3e8a03140f64af41f78e0b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.50b440782c4b1f1c8d00.js Show response
platform.twitter.com/embed/ Frame 4B52 16 KB
7 KB 198ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.50b440782c4b1f1c8d00.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: 740da0b55ec85d06a7a81fdfa62a1df291cf4bad6ecddbfaab8579abcedf77aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Content-Encoding: gzip
Age: 626851
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6436
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6B97)
Etag: "4ac7e518bb526aab2dd4e71e0beb9115+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 511E 0
49 B 45ms
44ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.tuko.co.ke
Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.tuko.co.ke
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 05:20:24 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame 4B52 19 KB
7 KB 50ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB5) /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Content-Encoding: gzip
Age: 626851
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6789
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6BB5)
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.6f17855ce00c810739c7.js Show response
platform.twitter.com/embed/ Frame 4B52 4 KB
2 KB 51ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.6f17855ce00c810739c7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC0) /
Resource Hash: aaf8348fad3676d3d62c09c1a92f11d075643f798d1a3516b4a34cf9eb127862

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Content-Encoding: gzip
Age: 626850
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1532
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6BC0)
Etag: "5b5cbc6ad9092f6f21500a609c1aa00b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js Show response
platform.twitter.com/embed/ Frame 4B52 35 KB
12 KB 51ms
51ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Content-Encoding: gzip
Age: 626851
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 11289
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6B7E)
Etag: "df117930505b95292615fd76b0e9369c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9203.3f277c45e9937b13e8c4.js Show response
platform.twitter.com/embed/ Frame 4B52 267 KB
82 KB 52ms
51ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9203.3f277c45e9937b13e8c4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8C) /
Resource Hash: c731d1ac06ce0723680061bb7eab4bfe43bad28d6af8d8fa8cf855b16ff60784

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Content-Encoding: gzip
Age: 626850
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 83749
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6B8C)
Etag: "10f14cb43e1e020e75b5aef9b88c8bcb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.40a6f6e34beccdf3a9eb.js Show response
platform.twitter.com/embed/ Frame 4B52 83 KB
20 KB 50ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.40a6f6e34beccdf3a9eb.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC8) /
Resource Hash: 16b018c3726370f880955556dfceb109925a7e2f719eedff6e5483a4526c7608

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1688993822343057410&lang=en&origin=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&sessionId=7eb68561bfd1c512d2a985649d12d3dfcd3db103&siteScreenName=tuko_co_ke&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:25 GMT
Content-Encoding: gzip
Age: 626850
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 19440
Last-Modified: Wed, 02 Aug 2023 23:07:29 GMT
Server: ECS (amb/6BC8)
Etag: "e7c51bbaea1038e32206dc28b31807a1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 4B52 2 KB
2 KB 239ms
58ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1688993822343057410&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.8601.9934bea25cda9d7ebe46.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6346) / Express

Resource Hash

f870b3e0fbdc49d945079202350985c03f1eb7f8089ebb2ecc2f4ff7694adb68

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 05:20:25 GMT
strict-transport-security: max-age=631138519
age: 54
x-powered-by: Express
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1005
x-xss-protection: 0
x-response-time: 124
last-modified: Thu, 10 Aug 2023 05:18:23 GMT
server: ECS (lhb/6346)
etag: W/"977-a1k0r6gNCjMN8Te8CtsZX2qaB5o"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: ece490f4378529a3
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 605c946c4a5f9c5b9a70158c81e4c203aeac24a7acf2bc8d1839e5de618a93d8
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 4B52 43 B
127 B 128ms
128ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1691644825644%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22tuko_co_ke%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%221af83828325ba%3A1691007384923%22%2C%22item_ids%22%3A%5B%221688993822343057410%22%5D%2C%22item_details%22%3A%7B%221688993822343057410%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 96
date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 10 Aug 2023 05:20:25 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 6f989e6156586c1a
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 500a5f8ef84bfbb0e5b524fdb3cd270b181a3ab5c7905807a9a1fd7d15219164
content-length: 43

GET
H2 200 _2agddGH_normal.jpg
pbs.twimg.com/profile_images/1666165232903880704/ Frame 4B52 2 KB
2 KB 153ms
44ms Image
image/jpeg 2a04:4e42:8e::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1666165232903880704/_2agddGH_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bbca11bfb8278d2b278f1c911f6468e561700c914d067a6e3709a4041ddd46f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 10 Aug 2023 05:20:25 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2035
x-served-by: cache-lhr7335-LHR, cache-fra-etou8220091-FRA, cache-tw-ZZZ1
last-modified: Tue, 06 Jun 2023 19:26:42 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2ba4c9a961c081bd
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 F3CC7AgWsAA3h0q
pbs.twimg.com/media/ Frame 4B52 101 KB
102 KB 151ms
46ms Image
image/jpeg 2a04:4e42:8e::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/F3CC7AgWsAA3h0q?format=jpg&name=900x900

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

209b268e294813c4bcfc2d2367549eb17353c387578de52024d297d0e7375b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 10 Aug 2023 05:20:25 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 103853
x-served-by: cache-lhr7323-LHR, cache-fra-etou8220091-FRA, cache-tw-ZZZ1
last-modified: Tue, 08 Aug 2023 19:19:19 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ade334aa1183d478
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 4B52 43 B
96 B 122ms
122ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1691644825804%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22tuko_co_ke%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%221af83828325ba%3A1691007384923%22%2C%22item_ids%22%3A%5B%221688993822343057410%22%5D%2C%22item_details%22%3A%7B%221688993822343057410%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A938.7999992370605%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 90
date: Thu, 10 Aug 2023 05:20:24 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 10 Aug 2023 05:20:25 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 0601d404b391e624
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 500a5f8ef84bfbb0e5b524fdb3cd270b181a3ab5c7905807a9a1fd7d15219164
content-length: 43

POST
H3 204 /
www.tuko.co.ke/ajax/visit/ 0
0 73ms
73ms Fetch
text/html 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuko.co.ke/ajax/visit/

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/post.04e0dbb5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-139.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 10 Aug 2023 05:20:27 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Aug 2023 05:20:27 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 146ms
71ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 05:20:27 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 36ms
36ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tuko.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.tuko.co.ke
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 10 Aug 2023 05:20:27 GMT

POST
H2 204 64a528b9705ed487fcb95840 Show response
exchange.cootlogix.com/prebid/multi/ 0
285 B 106ms
106ms XHR
text/plain 206.189.203.95
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/64a528b9705ed487fcb95840
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.203.95 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:27 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 449 B
506 B 1127ms
1127ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24358&site_id=417296&zone_id=2356974&size_id=2&rf=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&tg_i.domain=tuko.co.ke&tg_i.page=https%3A%2F%2Fwww.tuko.co.ke%2Fbusiness-economy%2F516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill%2F&tg_i.pbadslot=%2F76590364%2Ftuko_universal_intext&tk_flint=pbjs_lite_v7.54.4&x_source.tid=5344916a-02af-4dcf-bb08-0de99fd65262&l_pb_bid_id=83f8954af3e96ee&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5344916a-02af-4dcf-bb08-0de99fd65262&rp_maxbids=1&p_gpid=%2F76590364%2Ftuko_universal_intext&slots=1&rand=0.42476297583556066
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fe2e0277aea44f8e087868feaac93b611926ff63d652d94232382774084a8497

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 449
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
330 B 116ms
115ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=613969
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391b5898cc31caaf23ce55893f0349e978163b5119b87e7509c73958499479be

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqdCgOfyyfgZLA1CLemBuwfL16CGqQPSOolpKBkGic7F4p8KAVuUAJQgmC2%2FBFFKYt0QqkzSvnhD6kknfbRcUe8yS0L%2BH9iAsg40bxz2MiWP0Y8LnpZ50DOcGY2gTweGw0rfnUQE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7f45ca2b6841220a-MAN
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
558 B 45ms
44ms XHR
application/json 18.197.82.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.197.82.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-82-230.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:27 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST /
hb.emxdgt.com/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 54ms
54ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=81446147587&lsavail=0

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:27 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 15 KB
7 KB 144ms
144ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU1FDX19
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1c82edd71fbf8c9809d490da7c7f0fd950d1f23bd708bef3fb9c403729b99f26

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:27 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 10 Aug 2023 05:20:27 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
161 B 148ms
148ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.tuko.co.ke
pragma: no-cache
date: Thu, 10 Aug 2023 05:20:27 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 248ms
248ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e951ae17fb5278b83e57060f2d3fded4808734eae3354da59a1cf362dc8c09b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:27 GMT
content-encoding: gzip
an-x-request-uuid: b7c39fd4-f21f-40ba-be0e-02d84cafefe7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuko.co.ke
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.138.196.107; 217.138.196.107; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 48ms
47ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:27 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 47ms
46ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:27 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 49ms
49ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:27 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 51ms
51ms XHR
text/plain 3.64.70.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.70.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-70-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:27 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 137ms
137ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tuko.co.ke/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tuko.co.ke
date: Thu, 10 Aug 2023 05:20:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 84ms
84ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:27 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 7Y80TJ1BAA9ZK6N3BREG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tuko.co.ke
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2-LH7H_i7r7QS2Nll2iCtGjKiPdeobVFyaIA9Hw9qqWKXA1qatF1dA==

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 143ms
72ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tuko.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Aug 2023 05:20:27 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame BC84 3 KB
2 KB 104ms
30ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1184
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7f45ca2eca5d54be-MAN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 10 Aug 2023 05:20:27 GMT
expires: Thu, 10 Aug 2023 09:20:27 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 28E6 281 B
554 B 153ms
42ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Aug 2023 05:20:28 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 9C0E 24 KB
8 KB 177ms
73ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU1FDX19&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C2069%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C2040%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C2037%2C446%2C9%2C208%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C2047%2C337%2C338%2C459%2C77%2C38%2C182%2C141%2C262%2C186%2C461%2C222%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f3afebec59c2eebb0aa7fa67823b7855683ae78273d053dcf3880932fdb3fcff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8522
content-type: text/html; charset=UTF-8
date: Thu, 10 Aug 2023 05:20:28 GMT
expires: Sat, 12 Aug 2023 05:20:28 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 5226 37 B
140 B 128ms
45ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 10 Aug 2023 05:20:28 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D822 15 KB
6 KB 165ms
43ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=85184
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 10 Aug 2023 05:20:28 GMT
expires: Fri, 11 Aug 2023 05:00:12 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 4DF8 977 B
1 KB 111ms
34ms Document
text/html 172.67.141.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.67.141.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 6777
CF-Cache-Status: HIT
CF-RAY: 7f45ca2eed9b54d0-MAN
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Thu, 10 Aug 2023 05:20:27 GMT
Last-Modified: Thu, 26 Jan 2023 15:01:29 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o%2Ft4s3iMQEHZCl4aarE7ig5hyRrIazHPI8kFiH9pKiLM1%2FXrif6NS8P3zEVJz0IxLbRKlXVVkXrtHobGrt%2B2N%2B8NoDDB9Kyo2mMYe0g8A1nalU5A01Bs7v2ylOYe2u%2BakyxR7lm"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 1b05f9178c1c0be702b00f1d1f0bcff6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: OJN_Lzz73dXWTjx_u3QhIFJxZ32V4YtAxhhO-kzoNNAhPVE2OFd_tQ==
X-Amz-Cf-Pop: LHR62-C3
X-Cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
sync.cootlogix.com/api/sync/iframe/ Frame 3C7F 109 B
422 B 329ms
105ms Document
text/html 64.227.9.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: static-tuko.akamaized.net
URL: https://static-tuko.akamaized.net/tuko/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.9.154 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer: https://www.tuko.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
content-length: 109
content-type: text/html
date: Thu, 10 Aug 2023 05:20:28 GMT
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 28E6 34 KB
10 KB 45ms
45ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bd267246d041a46a68806b4f0335a2bbca415ba83fb340f715b6b45fcf714c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Aug 2023 13:23:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=28923
Connection: keep-alive
Content-Length: 10117
Expires: Thu, 10 Aug 2023 13:22:31 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D822 2 KB
3 KB 107ms
30ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44961853&p=161689&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 67a62d05eaab3b8427bb7790fd5f148466245fbc457d806d2a5f6d94fb84e691

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 10 Aug 2023 05:20:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 07BE
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=47308351121490985

42 B
272 B

36ms
36ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=47308351121490985
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 10 Aug 2023 05:20:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=47308351121490985
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 1436 43 B
363 B 123ms
35ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 05:20:27 GMT
expires: Thu, 10 Aug 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 258844
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EDF8
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420504671003

42 B
194 B

36ms
35ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420504671003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 10 Aug 2023 05:20:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Thu, 10 Aug 2023 05:20:28 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420504671003
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 3FFD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

202ms
202ms

Document
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 10 Aug 2023 05:20:28 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: G9JZVJ03X4MZYXV7JVRN

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 10 Aug 2023 05:20:28 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4EDM6HDH67QKW409V1AH

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F324
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ

42 B
573 B

129ms
36ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 10 Aug 2023 05:20:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 10 Aug 2023 05:20:28 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D822
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9guL909CSXmexzuoFNEuqQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

43ms
42ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=85184
accept-ranges: bytes
content-length: 5606
expires: Fri, 11 Aug 2023 05:00:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame D822 49 B
266 B 135ms
41ms Image
image/gif 34.241.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.192
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame D822
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2297212996
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9

0
284 B

124ms
38ms

Image
text/plain

34.111.131.239

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9
Protocol: H2
Server: 34.111.131.239 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:27 GMT
via: 1.1 google
last-modified: Thu, 10 Aug 2023 05:20:28 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9
date: Thu, 10 Aug 2023 05:20:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame D822
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NDdiT2x1RzVwNGVTRXloNUEtTkxFRVllUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=6043210129849006797&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

117ms
117ms

Image
image/png

34.235.212.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 34.235.212.6 -, , ASN (),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 05:20:29 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 10 Aug 2023 05:20:28 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D822
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjYwQjhCRjctNEY0Mi00OTc5LTlFQzctM0JBODE0RDEyRUE5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

35ms
35ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 10 Aug 2023 05:20:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D822
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAj5LZ2bbY_d0so2OEbXH-A&google_cver=1

42 B
345 B

36ms
35ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAj5LZ2bbY_d0so2OEbXH-A&google_cver=1
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 10 Aug 2023 05:20:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAj5LZ2bbY_d0so2OEbXH-A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame D822 43 B
610 B 133ms
39ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Aug 2023 05:20:28 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D822
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6043210129849006797

42 B
471 B

109ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6043210129849006797
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 10 Aug 2023 05:20:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6043210129849006797
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D822 70 B
265 B 139ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 28E6
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LBiDuPOVSpSo2IRGCY4mqA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LBiDuPOVSpSo2IRGCY4mqA

43 B
479 B

49ms
48ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LBiDuPOVSpSo2IRGCY4mqA

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X40QK4B7SFNY1J5SVQPX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LBiDuPOVSpSo2IRGCY4mqA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEw0UE5HRUYtUS0yUkI3
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEAPlaASvxj-oui66sUiAGw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0UE5HRUYtUS0yUkI3&google_push=

170 B
188 B

54ms
54ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0UE5HRUYtUS0yUkI3&google_push=

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0UE5HRUYtUS0yUkI3&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 28E6
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL4PNGEF-Q-2RB7

0
649 B

195ms
122ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL4PNGEF-Q-2RB7
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 05:20:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C946BDAE9B544B41A37D17F60CEC802E Ref B: LTSEDGE1012 Ref C: 2023-08-10T05:20:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCisEfYXvJoBtQLgFscA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL4PNGEF-Q-2RB7
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 28E6 70 B
264 B 45ms
44ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 28E6
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/vDxoQlikgQSWv_tM2DRYIA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xkTRwKFE2oK3wvfQXUPOH4PL2GzTq7D0asHQvQ--~A

0
239 B

45ms
45ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xkTRwKFE2oK3wvfQXUPOH4PL2GzTq7D0asHQvQ--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 10 Aug 2023 05:20:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xkTRwKFE2oK3wvfQXUPOH4PL2GzTq7D0asHQvQ--~A
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 28E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4yml7cwq1nHMWcyYp8g5E&google_cver=1

0
239 B

192ms
45ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4yml7cwq1nHMWcyYp8g5E&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4yml7cwq1nHMWcyYp8g5E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzNDAyNTVmODVkOWYzZTYwMzkwYTBlMDIwNmUwMTY5NzczYTE2NA

170 B
188 B

54ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzNDAyNTVmODVkOWYzZTYwMzkwYTBlMDIwNmUwMTY5NzczYTE2NA

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 05:20:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMzNDAyNTVmODVkOWYzZTYwMzkwYTBlMDIwNmUwMTY5NzczYTE2NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 28E6 0
0 496ms
125ms Image
image/gif 52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Aug 2023 05:20:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EA92QHSZJFSNG5NHQ7GS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=3000&ts=1691644824372&src=pbjs

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=3000&ts=1691644827411&src=pbjs

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tuko.co.ke/	1970-01-20 18:13:16	Name: body_ab Value: cf7de05562f99a0b20494ff075436871963c48b51abc577f18e5d9b23272422ca%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22body_ab%22%3Bi%3A1%3Bi%3A0%3B%7D
.tuko.co.ke/	1970-01-20 18:13:16	Name: modal_ab Value: 92a548463b9ec2f0cafcbbc87e339071eb21d9de1e703d586fa116ffa5ac256ea%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22modal_ab%22%3Bi%3A1%3Bi%3A1%3B%7D
.tuko.co.ke/	1970-01-20 14:37:16	Name: akamai_dsa Value: fbb60755711e3d015a93b39cf30864eb531d7ac31fbec09299428e152e859ffea%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22akamai_dsa%22%3Bi%3A1%3Bs%3A16%3A%22desktop%7C0%7Cbody%3D0%22%3B%7D
www.tuko.co.ke/	1969-12-31 23:59:59	Name: _csrf Value: ad0b2fbc81d8df91d2049e021abbf06f5ee30ac7e11f4c6577418ab8c7caea55a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22QcmQ1LnBJtHD7aXUWmLAZ09gL90hv-Yc%22%3B%7D
.tuko.co.ke/	1970-01-20 23:30:04	Name: _ga_DE3P9N1NJZ Value: GS1.1.1691644824.1.0.1691644824.60.0.0
.tuko.co.ke/	1970-01-20 13:54:08	Name: AMP_TOKEN Value: %24NOT_FOUND
.tuko.co.ke/	1970-01-20 23:30:04	Name: _ga Value: GA1.3.1979494456.1691644824
.tuko.co.ke/	1970-01-20 13:55:31	Name: _gid Value: GA1.3.1301453258.1691644824
.tuko.co.ke/	1970-01-20 13:54:04	Name: _gat Value: 1
.tuko.co.ke/	1970-01-20 13:54:04	Name: _gat_AllProjects Value: 1
.tuko.co.ke/	1970-01-20 13:54:05	Name: __io_d Value: 1_2468721254
www.tuko.co.ke/	1970-01-20 22:41:07	Name: __io_lv Value: 1691644824225
www.tuko.co.ke/	1970-01-20 22:41:07	Name: __io Value: b863698e6.036dc7484_1691644824225
.tuko.co.ke/	1970-01-20 13:54:06	Name: __io_session_id Value: 89433c649.a38192535_1691644824226
www.tuko.co.ke/	1970-01-20 22:41:07	Name: __io_unique_3883 Value: 10
www.tuko.co.ke/	1970-01-20 13:55:08	Name: __io_uh Value: 1
www.tuko.co.ke/	1970-01-20 13:54:05	Name: __io_visit_3883 Value: 1
.tuko.co.ke/	1970-01-20 16:03:40	Name: _gcl_au Value: 1.1.558993028.1691644824
.tt.onthe.io/	1970-01-20 13:55:31	Name: io_uide3155c435e925683dd022a3f2070aae6 Value: 10
.tt.onthe.io/	1970-01-20 20:15:40	Name: io_user_hash Value: b863698e6.036dc7484_1691644824225
.tuko.co.ke/	1970-01-20 16:03:40	Name: _fbp Value: fb.2.1691644824440.1490066586
.doubleclick.net/	1970-01-20 23:15:40	Name: IDE Value: AHWqTUmNkYKdyYfxM_MQRfmyNbRxLVQGpWZwNr2hK7KxHJgugYGT6nWAp6yfl7DX
.rubiconproject.com/	1970-01-20 22:39:40	Name: khaos Value: LL4PNGEF-Q-2RB7
.rubiconproject.com/	1970-01-20 22:39:40	Name: audit Value: 1\|naVuGyos1qoPu4DihT9S1FqbBgMWySGKoH1GQZR6kugWa6p5ilWeMFoSe+sEYrMLizv4VyicbH/ub5WIsyqIvSL5hAXvaZVpfAs5higy4iy+xUA9sgf/4eNEKcfJxgEB
.adnxs.com/	1970-01-20 16:03:40	Name: uuid2 Value: 5473983273855378632
.onesignal.com/	1970-01-20 13:54:06	Name: __cf_bm Value: PK3wnwu3FtWrtyGrPL6VUzdtCWbD3SjFeoleJRNMuqw-1691644824-0-Aewr+F+Z7ZTUzlkGBd+Zd27menbOGxQACdWnir9w7zMvODVy/6wRfZFth4MAK0lRI/NyTtt2NPjF3/CPmuLD35M=
.adnxs.com/	1970-01-20 16:03:40	Name: icu Value: ChgI2-d1EAoYAiACKAIwm-fRpgY4AkACSAIQm-fRpgYYAQ..
.ads.pubmatic.com/	1970-01-20 13:55:31	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 22:39:40	Name: KADUSERCOOKIE Value: F60B8BF7-4F42-4979-9EC7-3BA814D12EA9
.pubmatic.com/	1970-01-20 16:03:40	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 13:55:31	Name: pi Value: 161689:2
.pubmatic.com/	1970-01-20 16:03:40	Name: DPSync3 Value: 1692835200%3A201_245_241_235
.pubmatic.com/	1970-01-20 16:03:40	Name: SyncRTB3 Value: 1692835200%3A56_54_251_220_21_13_161_46_8%7C1692921600%3A35
.quantserve.com/	1970-01-20 16:03:40	Name: d Value: EL8BCwHWKfijAA
.quantserve.com/	1970-01-20 23:24:19	Name: mc Value: 64d4739c-365e8-3b34e-19791
.weborama.fr/	1970-01-20 23:20:00	Name: AFFICHE_W Value: iIrnqVp5MUiI95
.simpli.fi/	1970-01-20 22:41:07	Name: suid Value: 3F84D3074C8942ACBE84E2113C31CE2B
.adform.net/	1970-01-20 14:38:43	Name: C Value: 1
.rfihub.com/	1970-01-20 23:15:40	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjA1MDEzNzQwMBbiM9R1zAjSdazyswy39CgAAD6_xJwlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjA1MDEzNzQwMBbiM9R1zAjSdazyswy39CgAAD6_xJwlAAAA
.rfihub.com/	1970-01-20 23:15:40	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmloZmJiYWRhbGoIAPAUB-4QAAAA
.pubmatic.com/	1970-01-20 16:03:40	Name: KRTBCOOKIE_153 Value: 1923-H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ&KRTB&19420-H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ&KRTB&22979-H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ&KRTB&23403-H167UR5Z5gYEWelQTFLyVktZ6wAEW-ZSEFtBJEBJ
.de17a.com/	1970-01-20 22:32:28	Name: guid Value: 1.47308351121490985
.pubmatic.com/	1970-01-20 16:03:40	Name: KRTBCOOKIE_80 Value: 22987-CAESEAj5LZ2bbY_d0so2OEbXH-A&KRTB&23025-CAESEAj5LZ2bbY_d0so2OEbXH-A&KRTB&23386-CAESEAj5LZ2bbY_d0so2OEbXH-A
.amazon-adsystem.com/	1970-01-20 19:32:28	Name: ad-id Value: A70aX18E4kXlkz4JzDqUzLk\|t
.pubmatic.com/	1970-01-20 16:03:40	Name: KRTBCOOKIE_18 Value: 22947-5134455420504671003
.adform.net/	1970-01-20 15:20:28	Name: uid Value: 6043210129849006797
.pubmatic.com/	1970-01-20 14:37:16	Name: KRTBCOOKIE_336 Value: 5844-47308351121490985
.pubmatic.com/	1970-01-20 14:37:16	Name: PugT Value: 1691644828
.pubmatic.com/	1970-01-20 14:37:16	Name: KRTBCOOKIE_391 Value: 22924-6043210129849006797&KRTB&23263-6043210129849006797&KRTB&23481-6043210129849006797

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/ Message: Access to XMLHttpRequest at 'https://hb.emxdgt.com/?t=3000&ts=1691644824372&src=pbjs' from origin 'https://www.tuko.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hb.emxdgt.com/?t=3000&ts=1691644824372&src=pbjs Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.tuko.co.ke/business-economy/516971-kenyan-civil-servants-lose-allowances-govt-seeks-ballooning-public-wage-bill/ Message: Access to XMLHttpRequest at 'https://hb.emxdgt.com/?t=3000&ts=1691644827411&src=pbjs' from origin 'https://www.tuko.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hb.emxdgt.com/?t=3000&ts=1691644827411&src=pbjs Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F60B8BF7-4F42-4979-9EC7-3BA814D12EA9&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ads.pubmatic.com
ampcid.google.com
apis.google.com
audit-tcfv2.cmp.quantcast.com
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.onesignal.com
cdn.onthe.io
cdn.syndication.twimg.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
dmp.adform.net
eb2.3lift.com
eus.rubiconproject.com
exchange.cootlogix.com
fastlane.rubiconproject.com
gmem-shared.s3.amazonaws.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
media-tuko.s3.eu-central-1.amazonaws.com
n.mail-tuko.co.ke
netstorage-tuko.akamaized.net
onesignal.com
p.rfihub.com
pbs.twimg.com
pixel.rubiconproject.com
pixel.tuko.co.ke
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
px.ads.linkedin.com
region1.analytics.google.com
rules.quantcount.com
s.amazon-adsystem.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static-tuko.akamaized.net
static.criteo.net
stats.g.doubleclick.net
sync.cootlogix.com
sync.crwdcntrl.net
syndication.twitter.com
targeting.unrulymedia.com
test.cmp.quantcast.com
tlx.3lift.com
token.rubiconproject.com
tt.onthe.io
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.tuko.co.ke
hb.emxdgt.com
104.18.11.47
104.18.25.185
104.244.42.72
116.203.211.129
13.224.192.181
172.217.18.2
172.217.18.98
172.67.141.120
178.250.1.9
18.159.23.198
18.197.82.230
185.64.189.112
185.64.190.78
185.64.190.80
188.40.114.52
193.0.160.131
198.47.127.205
2001:4860:4802:32::36
2001:4860:4802:34::178
206.189.203.95
213.155.156.183
23.32.184.192
23.48.23.28
23.48.23.38
2600:9000:211e:e800:9:46dc:4700:93a1
2600:9000:223c:8a00:6:44e3:f8c0:93a1
2600:9000:225e:9000:3:a4cd:8380:93a1
2602:803:c003:200::41
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:3034::6815:3534
2606:4700::6812:d63b
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:802::2008
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a02:2638:3::3
2a02:2638:d::a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:8e::159
2a05:d018:d29:3601:68c4:160f:554f:e0aa
3.33.220.150
3.64.70.217
34.107.148.139
34.111.129.221
34.111.131.239
34.235.212.6
34.241.158.58
35.157.8.26
35.204.158.49
37.157.3.20
37.252.171.52
46.228.174.115
52.219.169.42
52.222.253.136
52.46.155.104
52.95.126.160
54.231.169.9
64.227.9.154
69.173.144.139
69.173.144.165
76.223.111.18
95.101.148.20
95.101.149.233
95.101.54.139
034459651dfe7dd9d35633ce1e7da053b4b385a896edfadb4998c34d929fbf8c
04efedf49d3739f642752ebbc8f58f9de46e7cade744cb630901403fcaa553e9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072deaf24df2cb718800f876d9db7cb281c27932a8df7bb3a9737065c60e7329
089134a2be00f82a5cc5dd22e8136652afda16503ed8232c8fdd7850fb96ddd7
0a116cff3e14e41b43a18324237c5b1ff11774f4831a34cc84618e5c4f35e543
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0ca1ad8580acd8a064d96850a1bf83fb88afa07fbcc030b21bac60d308476105
0e915fb00cca9176d6e368265b6bc139aaf5b0080f9c407f974daba6c3bdfbb3
136898fd12e441f6eb90f6bfe7a8aafbc98cc4cabef7d8fa937263bfdf7b8da3
13f6282c8d5ae3e3df85b6557998db6c3fc47ed29e9548137a22438647c67beb
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
16b018c3726370f880955556dfceb109925a7e2f719eedff6e5483a4526c7608
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18832be36bd90eb84d6120a0c192f3d734af4eb7795206ec1c33d03599c5274b
1ad15c30e818eb27d8e55f1f3baa606939fc4fe10029537e4565c783b169158a
1c641326878f3b554e62ed1366cebf5dd5ea61eedc64c24f7c4c4e01449e1619
1c82edd71fbf8c9809d490da7c7f0fd950d1f23bd708bef3fb9c403729b99f26
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1eeda331adaabeb323c1a5f6a7b71d916b67d536fad2352b6bedcb502825ec4e
209b268e294813c4bcfc2d2367549eb17353c387578de52024d297d0e7375b56
21fe13207060c53a28649a537fcb7e735a5ae3ebd0aa2299ddc64d935471e603
2259be857507cd65e1a6d4db7a964e57f659c93f91e7f7e19763305121533ed0
22bd9ac72a08b8d4b717ab01eb9baebb79f133863e7e8a89eb4c14e7ce47b1b6
2329416018e9fb0d895b58d685446234d2068be2b35db7d5801b216597365735
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
391b5898cc31caaf23ce55893f0349e978163b5119b87e7509c73958499479be
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
403205d0a016454706357a3324a6d7b6b1feef3df33abb94d6059c1c4424ba0a
408ebb88da146a461969d1348bafd662774f0070fde10bdb95289adbb41b1c46
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56
4737bdcd8bfdb5e74d6cf7e0131e29b4b683381b3e38fa44522e0c5d272f3bbe
481040188ca3f67224826da94d3d246b127b0a0d037b05cbde94c6ed512d8afe
4bd267246d041a46a68806b4f0335a2bbca415ba83fb340f715b6b45fcf714c5
4c025d77b7cb11a9215c1aa24e804db0ad8ad847483df216d3a27d9a71a93018
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e5619f35e8752aef5c8633fe76233670dffc63476606dad983ee4210a93114
5486a6b1c8a8d8b4365ddd68608784dac0f81899b943d75a4571d208add42240
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f1bf3a29d27e50d3cfd9a49d591811140a880c98453d29ebb14b932108c53a4
61aa480f3269aa57a5142db42baa6260758030a514c1198b5cc2adf2f6c6b2c2
6241d4e76c34503bce31b5bcb7a8080dbc4768cdbd3b0e693771c5a675fad974
6411d065980af42ee2b0c4a4d1171a02ac3d50c81a229a37b9515fb3a1a6e997
67a62d05eaab3b8427bb7790fd5f148466245fbc457d806d2a5f6d94fb84e691
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
6e9c3a1777e07f1f8d0f7a0826933232eef7a2d53fe44b7b9c96f76ffad2d401
70edaf04105a6b7bc4630928f36683ed194b4de6590a275a14a54583c0efae81
740da0b55ec85d06a7a81fdfa62a1df291cf4bad6ecddbfaab8579abcedf77aa
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
847d81f4c9cce3ffe3ab361db7862018e31e879c124d0bfd2316da05915dbdee
8514dc58c0854b71badb961e3843a4d6b2496e0f35ac00eef0b778146bdfc840
85371fd2a86e3a17ceeb89aaeac836e50249bfa3a2eea4070fa3af90d4721c17
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908694b190a78f9e9c2bb33e8c830e8b5edf726a69884e492c5dfb9e712748d7
913038faf12b4c5bd581ff1bf0fb206084201012e2dfa9de4acdc0df58d33a2e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9cf74b82f5a4ffa0d9c4809d40c0dde44cc6ec8b3952acf697f435e6a4d90526
9de94949c7d97d6322aefd2235f2dd9fd774c5898999c1c3f4009a7f6651b0e8
9e6a6d9334308d2a6e01003501d6e226b64dc768cccb41af6f11025fad212919
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a1d64e177dc7f958a334986c6847bfe06d6930f5bd6e39e425276f0da4624260
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
a636d9148b1af206baeace1b74dd84119caf7dd2beba5d2729ed6b9105af8a71
a8aa8c9c731fc7c2a9624e6759820f62f5224b3a428f6b73ef8950409598e646
a8cc5f41f9f5d38a3bcbfc0590af19c2afc2ebd3d8993e91e1eb4aab87569526
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3eed23ac3f18762417f3679e4b0fb75cc99dac217ef3c9566a1b4c41036d7e
aaf8348fad3676d3d62c09c1a92f11d075643f798d1a3516b4a34cf9eb127862
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae9c35c457d5528f3aca9ed29f0dced0d18505af5e9900ffc01d8ad5635f0c17
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b65e440dc27ab3f385163a38531f881f09e8c2dc3681d919a32b20cca912a472
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7e7e8b3956c97d3df70e25cee2281c949014b84830ba47fde1e6d97a46a3b6
bbca11bfb8278d2b278f1c911f6468e561700c914d067a6e3709a4041ddd46f0
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1724b369b2ecb52b206f12df7bfa89c989483f24165c4a6558ec0d006aceba5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c731d1ac06ce0723680061bb7eab4bfe43bad28d6af8d8fa8cf855b16ff60784
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d77bf1fa656f6d506f93fb527e7cb5848f27007db2a3aa70a2e6d42b4c92a327
d9d1fe771c5be455b790000e9f089e0e6c78f35f68c48435532df4b55aadc9b3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2ce24cfb350371ea90d41073635083820aebc8fcb4c2ede02d2f4dc4929a190
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e7f85f9d4629c5cd9e1365d46ee5503721b7a8a5ba9f3860f9874324520f7ad6
e951ae17fb5278b83e57060f2d3fded4808734eae3354da59a1cf362dc8c09b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ae9c2026aa097e604015d4bd47dca4778ac704f883659be7b4b312be583342
f3afebec59c2eebb0aa7fa67823b7855683ae78273d053dcf3880932fdb3fcff
f71f85694575b5815148b49400bd1c405c5aa381a4cc7b64e3c10c74a6cb0d6b
f85c4148b1b0146c68c5b9b63fa0df3a111008735c847db14d0f47a16fc96e5b
f870b3e0fbdc49d945079202350985c03f1eb7f8089ebb2ecc2f4ff7694adb68
fe2e0277aea44f8e087868feaac93b611926ff63d652d94232382774084a8497

www.tuko.co.ke Open in urlscan Pro 95.101.54.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

90 %HTTPS

36 %IPv6

44 Domains

76 Subdomains

67 IPs

10 Countries

2044 kBTransfer

6481 kBSize

50 Cookies

22 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tuko.co.ke Open in urlscan Pro
95.101.54.139 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

90 %
HTTPS

36 %
IPv6

44
Domains

76
Subdomains

67
IPs

10
Countries

2044 kB
Transfer

6481 kB
Size

50
Cookies

164 HTTP transactions
11 data transactions