citizentv.co.ke Open in urlscan Pro
35.229.37.149 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Submission: On May 04 via manual (May 4th 2020, 12:21:33 pm UTC) from HK

Summary HTTP 120 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 22 domains to perform 120 HTTP transactions. The main IP is 35.229.37.149, located in United States and belongs to GOOGLE, US. The main domain is citizentv.co.ke.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 6th 2020. Valid for: 3 months.

This is the only time citizentv.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	35.229.37.149 35.229.37.149	15169 (GOOGLE) (GOOGLE)
25	94.31.29.99 94.31.29.99	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
26	151.139.244.25 151.139.244.25	33438 (HIGHWINDS2) (HIGHWINDS2)
1	95.217.0.30 95.217.0.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
1 4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.197.125 13.224.197.125	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.97.126 143.204.97.126	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	178.62.218.54 178.62.218.54	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
120	28

2 35.229.37.149 (United States)

ASN15169 (GOOGLE, US)
PTR: 149.37.229.35.bc.googleusercontent.com

citizentv.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 94.31.29.99 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.99.IPYX-077437-ZYO.above.net

3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.139.244.25 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.0.30 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.0.217.95.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

cdn.viewst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-125.fra2.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

citizentvnews.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.233 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-126.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.218.54 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

admin.viewst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	wpmucdn.com hb.wpmucdn.com	141 KB
25	netdna-ssl.com 3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com	233 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	358 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	117 KB
7	ampproject.org cdn.ampproject.org	283 KB
4	stickyadstv.com cdn.stickyadstv.com ads.stickyadstv.com	151 KB
4	gstatic.com fonts.gstatic.com	53 KB
4	google.de adservice.google.de ampcid.google.de www.google.de	501 B
4	google.com 2 redirects ampcid.google.com adservice.google.com www.google.com	721 B
4	google-analytics.com 1 redirects www.google-analytics.com	18 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
3	viewst.com cdn.viewst.com admin.viewst.com	332 KB
2	googletagservices.com www.googletagservices.com	42 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	citizentv.co.ke citizentv.co.ke	107 KB
1	disqus.com citizentvnews.disqus.com	1 KB
1	youtube.com www.youtube.com
1	googletagmanager.com www.googletagmanager.com	25 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	onthe.io cdn.onthe.io	637 B
0	everesttech.net Failed sync-tm.everesttech.net Failed
120	22

	Domain	Requested by
26	hb.wpmucdn.com	citizentv.co.ke
25	3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com	citizentv.co.ke
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net citizentv.co.ke cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	citizentv.co.ke pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	citizentv.co.ke www.googletagservices.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	citizentv.co.ke
4	www.google-analytics.com	1 redirects citizentv.co.ke
3	fonts.googleapis.com	citizentv.co.ke
2	ads.stickyadstv.com	cdn.stickyadstv.com
2	www.google.de	citizentv.co.ke
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	cdn.stickyadstv.com	citizentv.co.ke cdn.stickyadstv.com
2	www.googletagservices.com	citizentv.co.ke pagead2.googlesyndication.com
2	cdn.viewst.com	citizentv.co.ke cdn.viewst.com
2	maxcdn.bootstrapcdn.com	citizentv.co.ke
2	citizentv.co.ke	citizentv.co.ke
1	admin.viewst.com	cdn.viewst.com
1	certify.alexametrics.com	citizentv.co.ke
1	ampcid.google.de	www.google-analytics.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	ampcid.google.com	www.google-analytics.com
1	citizentvnews.disqus.com	hb.wpmucdn.com
1	www.youtube.com	citizentv.co.ke
1	www.googletagmanager.com	citizentv.co.ke
1	certify-js.alexametrics.com	citizentv.co.ke
1	cdn.onesignal.com	citizentv.co.ke
1	cdn.onthe.io	citizentv.co.ke
1	ajax.googleapis.com	citizentv.co.ke
0	sync-tm.everesttech.net Failed	citizentv.co.ke
120	33

This site contains links to these domains. Also see Links.

Domain
rmsradio.co.ke
www.shabiki.com
telegram.me
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
radiocitizen.co.ke
hot96.co.ke
inoorofm.co.ke
ramogifm.co.ke
egesafm.co.ke
musyifm.co.ke
chamgeifm.co.ke
wimwarofm.co.ke
muugafm.co.ke
baharifm.co.ke
mulembefm.co.ke
sulwefm.co.ke
vuukafm.co.ke
play.google.com
itunes.apple.com
www.royalmedia.co.ke
viusasa.com
inoorotv.co.ke
edaily.co.ke

Subject Issuer	Validity	Valid
citizentv.co.ke Let's Encrypt Authority X3	`2020-03-06` - `2020-06-04`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-18` - `2021-03-18`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.wpmucdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-05` - `2021-05-05`	2 years	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2020-04-07` - `2021-06-06`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.viewst.com AlphaSSL CA - SHA256 - G2	`2020-04-06` - `2022-06-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2019-08-28` - `2020-11-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Frame ID: DAC999F5239330931D17E39C8E3D09C5
Requests: 99 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4234XPgwJMA?rel=0
Frame ID: F8EE3F91FC8A4A799BB123A6C2FDF1BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200428/r20190131/zrt_lookup.html
Frame ID: 1DE40CCC5A0271F6C386EB5148FFD3A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&h=444&slotname=7891237988&adk=2794215486&adf=3740071050&w=740&cr_col=4&cr_row=2&fwrn=2&lmt=1588594870&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=740x444&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1588594870305&bpp=56&bdt=686&idt=253&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1805444089805&frm=20&pv=2&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=1&iag=0&icsg=2849934139195400&dssz=69&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1738&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=wXpGYbku7D&p=https%3A//citizentv.co.ke&dtd=266
Frame ID: 98D0331DEB321AA1B0C76D08712042CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&adk=1812271804&adf=3025194257&lmt=1588594870&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1588594870370&bpp=3&bdt=751&idt=208&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 2448797329D4B6B3FAE0A8355E50EC91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&h=280&adk=860339186&adf=1076430020&w=340&fwrn=4&fwrnh=100&lmt=1588594870&rafmt=1&to=qs&pwprc=8630389563&psa=0&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588594870741&bpp=1&bdt=1122&idt=-M&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444%2C0x0&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=1286&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aS1nnBzTWq&p=https%3A//citizentv.co.ke&dtd=22
Frame ID: 434A26B4AE47FD596A709F28978E6C9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&h=90&adk=4204718025&adf=2824717477&w=1200&fwrn=4&fwrnh=100&lmt=1588594870&rafmt=1&to=qs&pwprc=8630389563&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588594870741&bpp=1&bdt=1122&idt=1&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444%2C0x0%2C340x280&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=2747&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=QGPJtq8fm5&p=https%3A//citizentv.co.ke&dtd=30
Frame ID: E9B549D53A37DA7AE3FD7475B61FA911
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 081688BC38DFCE0BCB278A52C47C2F01
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 17B6C771494B2E76FEB46BDED0E5D9CE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: CBA5CCC0852EBF61EDF9F670E54BF10D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.viewst.com/cookie_iframe/cookie-iframe.html
Frame ID: 6B9AD06686E408D1C9BB04BA2F69B622
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 6A89C4293247D3F18CE1F2EC4BD65C81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

120
Requests

99 %
HTTPS

62 %
IPv6

22
Domains

33
Subdomains

28
IPs

8
Countries

1982 kB
Transfer

4323 kB
Size

1
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://rmsradio.co.ke/
Title: Radio

Search URL Search Domain Scan URL

URL: https://www.shabiki.com/dj/?utm_source=citizen&utm_medium=cpc&utm_campaign=sdj_citizen_campaign
Title:

Search URL Search Domain Scan URL

URL: https://telegram.me/citizentvke
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CitizenTVKe/

Search URL Search Domain Scan URL

URL: https://twitter.com/citizentvkenya

Search URL Search Domain Scan URL

URL: https://www.instagram.com/citizentvkenya/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/kenyacitizentv

Search URL Search Domain Scan URL

URL: http://radiocitizen.co.ke/

Search URL Search Domain Scan URL

URL: http://hot96.co.ke/

Search URL Search Domain Scan URL

URL: http://inoorofm.co.ke/

Search URL Search Domain Scan URL

URL: http://ramogifm.co.ke/

Search URL Search Domain Scan URL

URL: http://egesafm.co.ke/

Search URL Search Domain Scan URL

URL: http://musyifm.co.ke/

Search URL Search Domain Scan URL

URL: http://chamgeifm.co.ke/

Search URL Search Domain Scan URL

URL: http://wimwarofm.co.ke/

Search URL Search Domain Scan URL

URL: http://muugafm.co.ke/

Search URL Search Domain Scan URL

URL: http://baharifm.co.ke/

Search URL Search Domain Scan URL

URL: http://mulembefm.co.ke/

Search URL Search Domain Scan URL

URL: http://sulwefm.co.ke/

Search URL Search Domain Scan URL

URL: http://vuukafm.co.ke/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=newsapp.citizentv.royalmedia.citizentvnews
Title: Download from Google playstore

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ke/app/citizen-news-kenya/id1002316565?mt=8
Title: Download from IOS appstore

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.royalmedia.radioapp
Title: Download from Google playstore

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ke/app/citizen-radio-kenya/id1121542886?mt=8
Title: Download from IOS appstore

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.viusasa
Title: Download from Google playstore

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/id1270080131?mt=8
Title: Download from IOS appstore

Search URL Search Domain Scan URL

URL: http://www.royalmedia.co.ke/careers/
Title: careers

Search URL Search Domain Scan URL

URL: http://viusasa.com/
Title: viusasa

Search URL Search Domain Scan URL

URL: http://inoorotv.co.ke/
Title: inooro tv

Search URL Search Domain Scan URL

URL: http://edaily.co.ke/
Title: eDaily

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=182960619&t=pageview&_s=1&dl=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&ul=en-us&de=UTF-8&dt=Suspect%20linked%20to%20con%20game%20busted%20trying%20to%20board%20flight%20at%20JKIA%20-%20Citizentv.co.ke&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABAAQC~&jid=1641720967&gjid=1793962755&cid=1537301747.1588594870&tid=UA-28791428-1&_gid=619813128.1588594870&_r=1&cd3=Citizen%20Reporter&z=372027205 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_gid=619813128.1588594870&gjid=1793962755&_v=j81&z=372027205 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_v=j81&z=372027205 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_v=j81&z=372027205&slf_rd=1&random=4219768378

Request Chain 84

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&gjid=1359812079&_gid=619813128.1588594870&_u=aGDAgEABAAQC~&z=1002347085 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&_v=j81&z=1002347085 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&_v=j81&z=1002347085&slf_rd=1&random=2676620115

Request Chain 90

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJP5Plq73v_5HXwX1boISes&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=ee95dddd-4ee4-4be0-a387-f3623c81c9f3 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XrAIugAAAGX0rSTo HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XrAIugAAAGX0rSTo&_test=XrAIugAAAGX0rSTo HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1137&159=CAESEJP5Plq73v_5HXwX1boISes&45=XrAIugAAAGX0rSTo&892=ee95dddd-4ee4-4be0-a387-f3623c81c9f3 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1137 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent={GDPR_CONSENT_285}&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent={GDPR_CONSENT_285}&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&mm_bnc&mm_bct&UUID=d5c95eb0-08ba-4200-aded-af0daa24c715 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d5c95eb0-08ba-4200-aded-af0daa24c715 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHFCHOWMYcXJQG0aBK0EqAM&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0ebe02fd-66e8-48ce-9e9d-34e347b3b10c HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D

120 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/ 66 KB
15 KB 4515ms
3701ms Document
text/html 35.229.37.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.229.37.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

149.37.229.35.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

335952a562c72cbd14eef68652ec58c1e9e2b3919e3d426c7a89578c7560e9bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: citizentv.co.ke
:scheme: https
:path: /news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 04 May 2020 12:21:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
pragma: no-cache
link: <https://citizentv.co.ke/wp-json/>; rel="https://api.w.org/" <https://citizentv.co.ke/?p=324233>; rel=shortlink
expires: Mon, 04 May 2020 12:21:05 GMT
x-powered-by: WP Engine
content-security-policy: upgrade-insecure-requests
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
content-encoding: br

GET
H2 200 bootstrap.min.css
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/ 118 KB
20 KB 113ms
35ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/bootstrap.min.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 02:12:40 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e800418-1d970"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 11ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 custom.min.css
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/ 43 KB
9 KB 138ms
60ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/custom.min.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 75445e28d453e22cbbcd33d86e273d2f1ef1e289d16562f9b16badbd0a09ba60

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Mon, 06 Apr 2020 11:06:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e8b0d3c-ab7a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 parallax.min.css
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/ 611 B
560 B 144ms
67ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/parallax.min.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f7884ee767a77a7868a3a01b6347351b3c9c8b0747e3d5ae67666cfccaf18f6e

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 02:12:40 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e800418-263"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 404 main.css
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/csss/ 0
0 422ms
344ms Stylesheet
text/html 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/csss/main.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: /
Resource Hash

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 5 KB
674 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,500,600,700,800,900&display=swap

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce93df5d72c6382ba7c3c8ef60f2a0179db8d8163078157fb7ec6c43fc8da9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 May 2020 12:21:09 GMT
server: ESF
date: Mon, 04 May 2020 12:21:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 May 2020 12:21:09 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212733
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 21:42:16 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 19ms
16ms Stylesheet
text/html 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 709b8ee0-65b8-4832-a794-85b94b4d2d6e.css
hb.wpmucdn.com/citizentv.co.ke/ 49 KB
8 KB 80ms
28ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/709b8ee0-65b8-4832-a794-85b94b4d2d6e.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f6f42a6a378452de152380b832d5017a79c567ad2ce049cd2ff5d093be79253

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:44 GMT
server: nginx
etag: W/"2ae1ab25528676be7c689575d6593ba5"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=50287
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 dda08406-7817-482e-b875-44bbde3b9760.css
hb.wpmucdn.com/citizentv.co.ke/ 2 KB
968 B 77ms
26ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/dda08406-7817-482e-b875-44bbde3b9760.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f5243f633d891897d1dfa02c41760c057c34f3b0116e5cd55d54f411c41fadc3

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:44 GMT
server: nginx
etag: W/"55bd0d6ce998631c76029d9b6b15d910"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=1737
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 f685f8e3-d690-4a95-969a-0e8c8d32cc1c.css
hb.wpmucdn.com/citizentv.co.ke/ 4 KB
1 KB 92ms
41ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/f685f8e3-d690-4a95-969a-0e8c8d32cc1c.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b9ede6aa6f36c52277f6c12978deca340e65a73f88bea6a5fdc001f928b9295

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:17:24 GMT
server: nginx
etag: W/"157a1e14cccfe9f3876580821effbf06"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=4383
content-length: 966
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 4fc5b30f-cded-4be3-8a57-b41f9efc4bda.css
hb.wpmucdn.com/citizentv.co.ke/ 7 KB
2 KB 100ms
49ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/4fc5b30f-cded-4be3-8a57-b41f9efc4bda.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f659d360eab828bc07b3566b92dad8a929b75248116318ad803a953e6efb0ab9

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:48:19 GMT
server: nginx
etag: W/"ad88182b485e9b94408d09e63c7becc9"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=6875
content-length: 1905
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 4608b820-0bd2-4c69-b25e-79d4c9a653e5.css
hb.wpmucdn.com/citizentv.co.ke/ 10 KB
2 KB 99ms
48ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/4608b820-0bd2-4c69-b25e-79d4c9a653e5.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5aa959ae7d103b55d7b4028d471d6f257b5c3e6d24be86fdcc773482e6acecd6

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:40:11 GMT
server: nginx
etag: W/"f5d9ff0c35b2226f8cb22e219ffbb334"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=10538
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 270bca02-49d0-4e24-96f1-e9317cebda9c.css
hb.wpmucdn.com/citizentv.co.ke/ 41 KB
7 KB 97ms
46ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/270bca02-49d0-4e24-96f1-e9317cebda9c.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 944ded465484038953ebc3569116362fb26bd206facb124cfab8bf70e2a5929f

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:45 GMT
server: nginx
etag: W/"3004d3c602ec9ea8bbf27dc2265cb116"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=41716
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 52fa420e-3426-4ea5-94fb-913e2416983f.css
hb.wpmucdn.com/citizentv.co.ke/ 940 B
781 B 102ms
52ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/52fa420e-3426-4ea5-94fb-913e2416983f.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 41cd490ed90162f4aef52a4ba2b140b8a61b0443648c964797fa286adfac0860

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:40:11 GMT
server: nginx
etag: W/"50050a0be71af9a0c44d218ffbb5c888"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=899
content-length: 508
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 727e201b-24d3-44d3-a556-db6c7d7dc7b8.css
hb.wpmucdn.com/citizentv.co.ke/ 2 KB
885 B 77ms
26ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/727e201b-24d3-44d3-a556-db6c7d7dc7b8.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f989688e05c9144016bdecdf7b7e03ecaa080f758301b78660c7fe21ab4b774

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:36:03 GMT
server: nginx
etag: W/"a05ff4dd8c8de75ec9369dfb475cda1c"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=2121
content-length: 612
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 110b8c67-6957-49cf-89e9-374bfd020025.css
hb.wpmucdn.com/citizentv.co.ke/ 26 KB
3 KB 80ms
30ms Stylesheet
text/css 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/110b8c67-6957-49cf-89e9-374bfd020025.css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c71953de125451cd5e6108a4f3390a56153f95321c7a64a8f58162cc01caf89

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:03:03 GMT
server: nginx
etag: W/"84752fabf9cba745df7245fc12c6cf56"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=27088
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H/1.1 200
OK 9ir2a9vA56Fj Show response
cdn.onthe.io/io.js/ 545 B
637 B 202ms
59ms Script
text/javascript 95.217.0.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/9ir2a9vA56Fj
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.0.30 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.0.217.95.clients.your-server.de
Software: nginx /
Resource Hash: c672bfc7c8a81fc8feda72b340f1fa37a33ce859f6c93aa029fe670f478d620a

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 04 May 2020 12:21:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2020 15:07:07 GMT
Server: nginx
ETag: W/"5e95d19b-221"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 05 May 2020 12:21:10 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 42ms
26ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 477
etag: W/"9d9aed5a8d74707da3c47d0230168852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 58e22e122f76c2e5-FRA
cf-request-id: 02813b1f580000c2e5e0a3a200000001
expires: Tue, 05 May 2020 00:21:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
14 KB 56ms
41ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

211fbedad62aa97475bbff8532886e3baa2d75e2a82db8d20bfcc86aa160ae1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "505 / 477 of 1000 / last-modified: 1588528830"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14553
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 ctvlive.gif
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/ 3 KB
4 KB 66ms
51ms Image
image/gif 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/ctvlive.gif
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c382334ef09b59dc53b1e1cf37a621f9b375d2eb61ea2acf453f323c3eaf0c8c

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e800414-dcb"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3531

GET
H2 200 vida-clock-icon.png
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/images/ 246 B
472 B 65ms
52ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/images/vida-clock-icon.png
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a6126148fa386d2cf3170f3c5ff055b5d6263032d387b25fda9ec173bc464995

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:40 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e800418-f6"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 246

GET
H2 200 jkia-passengers-e1582701042747.jpeg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/03/ 48 KB
49 KB 3834ms
3822ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/03/jkia-passengers-e1582701042747.jpeg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 58ebfcf17ba7e100819d487d2836a47c51e98c38a593e546acbec3c92c13e529

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:11:10 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8003be-c1af"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49583

GET
H2 200 200x200_telegram.png
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/ 2 KB
2 KB 65ms
53ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/200x200_telegram.png
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 511e2d230c2a8be96eaa8f6fc7a48714fb03673308347416e8a9b07fd6731689

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:34 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e800412-812"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2066

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 109 KB
39 KB 36ms
24ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c605ba26f2bd8be5c3a35253aa908e06f6051be5a18ed8791a2d4580222962d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 40174
x-xss-protection: 0
server: cafe
etag: 11491240315632059771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 iphones-320x180.jpeg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 13 KB
13 KB 3814ms
3802ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/iphones-320x180.jpeg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a763257204a111ce7c5976661779b1315987e3eb7a1a431d42e386d81c60f1b0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:11:52 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8003e8-34a2"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13474

GET
H2 200 Wanjau-320x180.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/08/ 11 KB
12 KB 3814ms
3803ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/08/Wanjau-320x180.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8e84374cc30587cd5d80990fdcabb3576df4f998253c23651faca74d0eaad96a

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:29 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e80040d-2d60"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11616

GET
H2 200 citizen-digital-96x90.png
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/ 5 KB
5 KB 65ms
54ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/citizen-digital-96x90.png
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4026cae20d287221d4b3bd714017104045772b68ecf5841fc06fef9ba7317cdb

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e800414-12e3"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4835

GET
H2 200 Marcos-Rojo-Andre-Gray-120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 3 KB
3 KB 65ms
54ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/Marcos-Rojo-Andre-Gray-120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 66af67a852b1d9807421938a7f69bb7610d393998fb272a0d99803444cd9fb3e

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:11:30 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8003d2-cc8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3272

GET
H2 200 tecra-karanja--120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/05/ 3 KB
4 KB 65ms
55ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/05/tecra-karanja--120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ae3fbae853f5dd02d92194237d2ddf005a16f06dec665a5565fcd5b8526df17d

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sat, 02 May 2020 23:36:07 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5eae03e7-da6"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3494

GET
H2 200 Paul-Bitoks-cattle-120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/05/ 3 KB
3 KB 70ms
62ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/05/Paul-Bitoks-cattle-120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4f76a6a364180c23416f93062b4b400b4ab9570a65796c8a0617216e15516f5d

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Mon, 04 May 2020 10:04:32 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5eafe8b0-c38"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3128

GET
H2 200 LIVERPOOL-CELEBRATE-120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/06/ 5 KB
5 KB 71ms
63ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/06/LIVERPOOL-CELEBRATE-120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b725a77b2482dba7a1e3b74e74eb78ddc0fbb21cc2023f02b5f084a7e6389738

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:11:00 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8003b4-12e8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4840

GET
H2 200 herbs-120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/05/ 4 KB
4 KB 72ms
64ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/05/herbs-120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 08c89611af5da8b407d86234cf9e12d6546e49799d0d8aaa9124f7b0f17db58a

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Mon, 04 May 2020 08:42:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5eafd564-1075"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4213

GET
H2 200 mutahi-kagwe-120x90.jpeg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/04/ 4 KB
4 KB 72ms
65ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/04/mutahi-kagwe-120x90.jpeg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9aa3cc9ee09c96861cf42bfd53fcaf70927297ce061729dae7be10cb6a8d3fa4

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Thu, 30 Apr 2020 18:57:23 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5eab1f93-e8c"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3724

GET
H2 200 we-stand-with-kenya-120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/04/ 4 KB
4 KB 89ms
81ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2020/04/we-stand-with-kenya-120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 39095494b560ac002acc5797b8030385b266164569d19e67ab324ad0b12eecee

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Thu, 09 Apr 2020 07:42:10 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8ed1d2-eb8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3768

GET
H2 200 FC69D539-4FC8-4679-A105-A3E102FB2BE4-120x90.jpg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/08/ 4 KB
4 KB 92ms
85ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/08/FC69D539-4FC8-4679-A105-A3E102FB2BE4-120x90.jpg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a8585d66048713d91cdad54179a42203d9aa2ec964fe476c2968b395827b3c4a

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:10:56 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8003b0-f38"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3896

GET
H2 200 Gideon-120x90.png
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/ 7 KB
7 KB 3775ms
3768ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2015/05/Gideon-120x90.png
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 559a53506e17eb30507b2e10c8a5c5790583a1c2b7d320ef4144d246d9452469

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:34 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e800412-1cf1"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7409

GET
H2 200 trump-120x90.jpeg
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/12/ 3 KB
3 KB 3791ms
3784ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/uploads/2019/12/trump-120x90.jpeg
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fdc6b96eba463e8c62765ccbe9a37ceada37f8b872b8e339dea6ead58c05da70

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:10:50 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e8003aa-bf2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3058

GET
H2 200 28407d0b-234c-4e3a-bd22-8a83e2be245a.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 95 KB
34 KB 43ms
42ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/28407d0b-234c-4e3a-bd22-8a83e2be245a.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e0ebf6855637412c4b780c618cc18a75728d37372eb9cc21c84da0202ca3a009

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:11:01 GMT
server: nginx
etag: W/"44e9d1a041546dd52f041b7c94b25bb8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=96873
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 532aa7e8-8150-4b37-81e5-a369f9bef368.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 23 KB
8 KB 39ms
39ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b05b67caa8d328bb672c6f034726e9b2fc905b93eb2cc074297f05aa99c6d14

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:45 GMT
server: nginx
etag: W/"e10b10cd3b15c615724e55c8dcdb36e9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=23515
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 caf326ef-bf11-42e8-a14a-b8362e01ab8a.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 14 KB
4 KB 21ms
21ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/caf326ef-bf11-42e8-a14a-b8362e01ab8a.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 202e8cb1302327d41f65a9fb2e70a2d13eb599865efa4ef2c3aca75801fa8129

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:46 GMT
server: nginx
etag: W/"b55c94b47b11f0743b0fa653852dc814"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=14440
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 0b31df29-80a8-4841-82a8-fdafbcdb4409.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 916 B
735 B 20ms
19ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/0b31df29-80a8-4841-82a8-fdafbcdb4409.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f56684c15d52dd1a49ccf53efff5d281f5fbb3c504292ca8ade76f5cd99b443

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:23:47 GMT
server: nginx
etag: W/"b293b8cf0c2b046dc7a226a1795d3c5f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=889
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 7115f13e-5bf6-4571-a28d-eb2dbfe1d3ac.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 27 KB
8 KB 36ms
28ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/7115f13e-5bf6-4571-a28d-eb2dbfe1d3ac.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b74e467f1075dea79a9da9f749f36b0885098b1dd5084764d59eb52b6dd0465a

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:46 GMT
server: nginx
etag: W/"e80aea0729e0b23f4519702be5ab323c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=27551
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 0eaae850-8b69-4db4-94c0-0f5c660dbeff.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 6 KB
3 KB 75ms
75ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/0eaae850-8b69-4db4-94c0-0f5c660dbeff.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: a28f16bd1389086a867f1ab40d33bfcb5a1fda967e80f89832a0e7d72ffd6650

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:09 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:43:18 GMT
server: nginx
etag: W/"45b5fb6fd9c34927410d15ab7458d215"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=6418
expires: Thu, 29 Apr 2021 12:21:09 GMT

GET
H2 200 7fd360d1-bf3c-4d8f-85f8-20985e3ae497.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 25 KB
6 KB 25ms
25ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/7fd360d1-bf3c-4d8f-85f8-20985e3ae497.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: d49c6588decd10793ce0581c651f5cae1c0607ee71aa5ea1815f575494259dfe

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:43:19 GMT
server: nginx
etag: W/"ecfd8284b732ba29c9057f84038618e9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=25168
content-length: 6197
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 5afa38b9-728d-4686-8c5f-08c547e7aca2.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 7 KB
3 KB 24ms
24ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/5afa38b9-728d-4686-8c5f-08c547e7aca2.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 46fa94f9f8534a735a4a5c2549a044bc89e02872a796908f60a1325a1f8c9acd

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:41:47 GMT
server: nginx
etag: W/"f0091b885dee60448c0265be1c0dc0c4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=7628
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 ccdf9852-3248-4f59-b8b3-ddea483aa294.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 156 KB
28 KB 39ms
39ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/ccdf9852-3248-4f59-b8b3-ddea483aa294.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 0081c35e384dc679cc768839effb63fc1ee25831512de7988d0b70e933a300b5

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:30:52 GMT
server: nginx
etag: W/"a7767ca87abffd7aa1fb23a23ab0f758"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=159480
content-length: 28555
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 9ffbf8f9-1c6b-41af-a935-47909ecd9e9e.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 367 B
524 B 24ms
23ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/9ffbf8f9-1c6b-41af-a935-47909ecd9e9e.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f584c1721a20fcd78a800a26b2308f2ef5339713c01dd6005b4dcddd1e2c4bd7

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:03:02 GMT
server: nginx
etag: W/"4c040a0859927ca5e0d3237251849735"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=331
content-length: 241
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 b7914999-af8e-499c-bbf9-ecf3ea8ba935.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 496 B
605 B 39ms
20ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/b7914999-af8e-499c-bbf9-ecf3ea8ba935.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: fde4524a884ab17e4f361385cc8ad457ec7937cceda02f9963afbecdea825a2d

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:43:18 GMT
server: nginx
etag: W/"2cf32ac160008e5d3975a82d767c811f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=456
content-length: 322
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 531775cc-eb1e-4b64-8277-f045a79c657b.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 8 KB
3 KB 39ms
21ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/531775cc-eb1e-4b64-8277-f045a79c657b.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e6e36ff018b2afd77b31a17ace2ac9930c004e291e132bcfe91540a77912b41f

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:48:19 GMT
server: nginx
etag: W/"a88a80210694ca42d20dd1c325b422b4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=8113
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 d6df377e-eb4a-4103-a3d4-77e9d840850a.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 28 KB
9 KB 42ms
24ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/d6df377e-eb4a-4103-a3d4-77e9d840850a.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 327b3ef1b6f503f2dbe08b395fed206944b1654277186774cccacd4f8155d54c

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:40:16 GMT
server: nginx
etag: W/"89b124497b6f22023b8147ffc9f3e53b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=28953
content-length: 8599
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 95ce538e-93af-499c-919e-f8cbe66b1dbd.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 2 KB
1020 B 43ms
24ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/95ce538e-93af-499c-919e-f8cbe66b1dbd.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 43e82a52b82b363c5a4b7a456cd33d9f22e4531cd75aa54fa14f7743bef7b485

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:43:19 GMT
server: nginx
etag: W/"c0066285fa3165703177efa2b9ac08fb"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=1819
content-length: 737
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 0b697981-aede-4f20-b453-4b85d80e05aa.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 2 KB
1 KB 44ms
25ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/0b697981-aede-4f20-b453-4b85d80e05aa.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 2167b2904db2316195e536b85bcd520cf20f6dc2ad139e9c5f3dbb742cc34ca5

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:20:51 GMT
server: nginx
etag: W/"0cc2784a83ec64f45a277910041cc507"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=1578
content-length: 809
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 bbcd5909-0e00-467e-97cb-036fddc3590e.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 21 KB
6 KB 46ms
27ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/bbcd5909-0e00-467e-97cb-036fddc3590e.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e6f794b95ec7c061dd1c57aab4ea7a064ed5d2f0bf84e57dd66c1ca248008ae

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 07:29:50 GMT
server: nginx
etag: W/"894069a1b57eecc11b79eff86f842af0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=21506
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 c3a67f75-c0a3-4f2f-9637-e78e9452b897.js Show response
hb.wpmucdn.com/citizentv.co.ke/ 3 KB
2 KB 43ms
25ms Script
application/javascript 151.139.244.25
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/citizentv.co.ke/c3a67f75-c0a3-4f2f-9637-e78e9452b897.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.25 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f92ade0d7cc8993744f1b8fb1115aa8990b37ac0085125b180b87d9ec3d7337b

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2020 06:40:17 GMT
server: nginx
etag: W/"d124d320611b4e0ca4b3aa71308fe328"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
hb-minify: minify=0.0%, origSize=3214
expires: Thu, 29 Apr 2021 12:21:10 GMT

GET
H2 200 bootstrap.min.js Show response
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/js/ 36 KB
10 KB 52ms
34ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/js/bootstrap.min.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 02:12:39 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e800417-90b5"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.min.js Show response
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/js/ 336 B
390 B 66ms
48ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/js/main.min.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ace4832ab9c164d30c16021a73703d1eec77c10275a4cf9f00d5c2d7748ee9e3

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 02:12:39 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e800417-150"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slidepanel.js Show response
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/js/ 585 B
494 B 68ms
50ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/js/slidepanel.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6c09e21aba68b991c55d93310eaddec3e123c184603dac82430efe684dcb7e8c

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 02:12:39 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e800417-249"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK probtn_concat.js Show response
cdn.viewst.com/ 332 KB
332 KB 2370ms
2005ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viewst.com/probtn_concat.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.15.1 /
Resource Hash: 0bf01b95477bd82498e7370085a4e0d094e2271e8020f6f670b912e0955b89cf

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 04 May 2020 12:21:12 GMT
Last-Modified: Monday, 04-May-2020 12:21:12 GMT
Server: nginx/1.15.1
X-Ws-Request-Id: 5eb008b8_PSdgflkfFRA2lp7_26575-15150
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Server: prod-c1-m1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 339546
X-Via: 1.1 PSdgflkfFRA2so76:12 (Cdn Cache Server V2.0)

GET
H2 400 css
fonts.googleapis.com/ 0
0 16ms
15ms Stylesheet
text/html 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6155
date: Mon, 04 May 2020 10:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Mon, 04 May 2020 12:38:35 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 2836ms
31ms Script
text/javascript 13.224.197.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-125.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Mar 2020 02:55:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 2971570
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 5HUGGksv0Ga_1hxyD9f_4U1uQczaxbq0kbqwhN3AJtMBXTw7ahf_7g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cba647a3e4d115c0ea22f8f679b5a549ede176ee5a83a53eb059909870770f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "505 / 896 of 1000 / last-modified: 1588528830"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14552
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 67 KB
25 KB 26ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5WP9RD

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36f34ba7b7f57ffcf6a45bdbde1f0c80b127d9151a5a8597ef2f38fde0a596b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25088
x-xss-protection: 0
last-modified: Mon, 04 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 4234XPgwJMA
www.youtube.com/embed/ Frame F8EE 0
0 184ms
153ms Document
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4234XPgwJMA?rel=0

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/4234XPgwJMA?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
cache-control: no-cache
strict-transport-security: max-age=31536000
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Mon, 04 May 2020 12:21:10 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=EKIWyyowTuw; path=/; domain=.youtube.com; secure; expires=Sat, 31-Oct-2020 12:21:10 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 04-May-2020 12:51:10 GMT YSC=HYSJMjiuAOg; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=EKIWyyowTuw; path=/; domain=.youtube.com; secure; expires=Sat, 31-Oct-2020 12:21:10 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK count.js Show response
citizentvnews.disqus.com/ 1 KB
1 KB 2777ms
32ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://citizentvnews.disqus.com/count.js

Requested by

Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/citizentv.co.ke/0b31df29-80a8-4841-82a8-fdafbcdb4409.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 04 May 2020 12:21:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1521740
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 16 Apr 2020 19:48:14 GMT
Server: nginx
ETag: "5e98b67e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
183 B 14ms
13ms XHR
application/json 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://citizentv.co.ke
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=citizentv.co.ke

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=citizentv.co.ke

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ 237 KB
85 KB 96ms
96ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87243
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 citizentvspriteimg.png
citizentv.co.ke/wp-content/uploads/2015/05/ 91 KB
91 KB 156ms
145ms Image
image/png 35.229.37.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizentv.co.ke/wp-content/uploads/2015/05/citizentvspriteimg.png
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.229.37.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.37.229.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e2baad2d634b32f661c291317b7370cd5de8f54a6a50a47ef58d09ce387c6b0

Request headers

Referer: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/custom.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
last-modified: Sun, 29 Mar 2020 02:12:36 GMT
server: nginx
status: 200
etag: "5e800414-16bb2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 93106

GET
H2 200 1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
14 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,600,700,800,900&display=swap
Origin: https://citizentv.co.ke

Response headers

date: Fri, 10 Apr 2020 02:07:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:47 GMT
server: sffe
age: 2110442
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13752
x-xss-protection: 0
expires: Sat, 10 Apr 2021 02:07:08 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwPIsWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPANqczVs.woff2

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b9c05ae7b05e6ef6129a065795922649a71851bd9f57d080dc86e3efa34a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,600,700,800,900&display=swap
Origin: https://citizentv.co.ke

Response headers

date: Wed, 08 Apr 2020 21:05:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:51 GMT
server: sffe
age: 2214962
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13404
x-xss-protection: 0
expires: Thu, 08 Apr 2021 21:05:08 GMT

GET
H2 200 Roboto-Black.ttf
3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/fonts/ 125 KB
66 KB 123ms
45ms Font
application/octet-stream 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/fonts/Roboto-Black.ttf
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7c84d57fb2c5c2ce5f35ac53363812e96c81f5435c2a49a13e7220d5169b8b53

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com/wp-content/themes/citizennews_new/css/custom.min.css
Origin: https://citizentv.co.ke

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 02:12:40 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5e800418-1f3cc"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,600,700,800,900&display=swap
Origin: https://citizentv.co.ke

Response headers

date: Sat, 04 Apr 2020 11:59:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 2593277
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
expires: Sun, 04 Apr 2021 11:59:53 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 2295ms
2188ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://citizentv.co.ke

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,600,700,800,900&display=swap
Origin: https://citizentv.co.ke

Response headers

date: Sat, 28 Mar 2020 14:50:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 3187845
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13428
x-xss-protection: 0
expires: Sun, 28 Mar 2021 14:50:25 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
112 B 16ms
16ms XHR
application/json 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://citizentv.co.ke
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/ 217 KB
82 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a3565d4181b96ecd198208dae19dc737869a010485c509355d370bab84db854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83744
x-xss-protection: 0
server: cafe
etag: 17458909180920526513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200428/r20190131/ Frame 1DE4 0
0 7ms
6ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 28 Apr 2020 23:48:04 GMT
expires: Tue, 12 May 2020 23:48:04 GMT
content-type: text/html; charset=UTF-8
etag: 2883597723061595496
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4868
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 477186
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK intext-roll.min.js Show response
cdn.stickyadstv.com/prime-time/ 369 KB
124 KB 238ms
159ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c9e744aaf906be4317167ab331ce2d4e9766f423c03cbc23b69d058f94d16645

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 04 May 2020 12:21:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Apr 2020 14:53:09 GMT
ETag: "1586789589"
X-HW: 1588594870.dop011.fr8.t,1588594870.cds096.fr8.shn,1588594870.cds096.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 126923

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=182960619&t=pageview&_s=1&dl=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_gid=619813128.1588594870&gjid=1793962755&_v=j81&z=372027205
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_v=j81&z=372027205
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_v=j81&z=372027205&slf_rd=1&random=4219768378

42 B
109 B

24ms
24ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_v=j81&z=372027205&slf_rd=1&random=4219768378

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1641720967&_v=j81&z=372027205&slf_rd=1&random=4219768378
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 8ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=182960619&t=event&_s=2&dl=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&ul=en-us&de=UTF-8&dt=Suspect%20linked%20to%20con%20game%20busted%20trying%20to%20board%20flight%20at%20JKIA%20-%20Citizentv.co.ke&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Video&ea=play&el=Video%20of%20the%20day&_u=aEBAAEABAAQC~&jid=&gjid=&cid=1537301747.1588594870&tid=UA-28791428-1&_gid=619813128.1588594870&cd3=Citizen%20Reporter&z=1811604763

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 03:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2106061
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 7ms
5ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=182960619&t=pageview&_s=1&dl=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&ul=en-us&de=UTF-8&dt=Suspect%20linked%20to%20con%20game%20busted%20trying%20to%20board%20flight%20at%20JKIA%20-%20Citizentv.co.ke&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEABAAQC~&jid=1279965582&gjid=1359812079&cid=1537301747.1588594870&tid=UA-28791428-1&_gid=619813128.1588594870&gtm=2wg4m0N5WP9RD&z=2284561

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 03:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2106061
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&gjid=1359812079&_gid=619813128.1588594870&_u=aGDAgEABAAQC~&z=1002347085
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&_v=j81&z=1002347085
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&_v=j81&z=1002347085&slf_rd=1&random=2676620115

42 B
109 B

25ms
25ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&_v=j81&z=1002347085&slf_rd=1&random=2676620115

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28791428-1&cid=1537301747.1588594870&jid=1279965582&_v=j81&z=1002347085&slf_rd=1&random=2676620115
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 98D0 0
0 630ms
630ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&h=444&slotname=7891237988&adk=2794215486&adf=3740071050&w=740&cr_col=4&cr_row=2&fwrn=2&lmt=1588594870&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=740x444&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1588594870305&bpp=56&bdt=686&idt=253&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1805444089805&frm=20&pv=2&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=1&iag=0&icsg=2849934139195400&dssz=69&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1738&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=wXpGYbku7D&p=https%3A//citizentv.co.ke&dtd=266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5685268660263342&output=html&h=444&slotname=7891237988&adk=2794215486&adf=3740071050&w=740&cr_col=4&cr_row=2&fwrn=2&lmt=1588594870&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=740x444&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1588594870305&bpp=56&bdt=686&idt=253&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1805444089805&frm=20&pv=2&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=1&iag=0&icsg=2849934139195400&dssz=69&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1738&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=wXpGYbku7D&p=https%3A//citizentv.co.ke&dtd=266
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 04 May 2020 12:21:11 GMT
server: cafe
content-length: 16896
x-xss-protection: 0
set-cookie: IDE=AHWqTUkF1bkSkvavOIKDo3z63bRMTMwwg-EGHplvmUQJfSUKgR9lDruZ9EQ0AUEP; expires=Sat, 29-May-2021 12:21:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 04 May 2020 12:21:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d26e058f6f092f10c14e8f42fd2dc8959b22ea43fd98f781eb45e1a84e482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588332207717364"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27848
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:10 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2448 0
0 126ms
125ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&adk=1812271804&adf=3025194257&lmt=1588594870&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1588594870370&bpp=3&bdt=751&idt=208&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5685268660263342&output=html&adk=1812271804&adf=3025194257&lmt=1588594870&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1588594870370&bpp=3&bdt=751&idt=208&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 04 May 2020 12:21:10 GMT
server: cafe
content-length: 1802
x-xss-protection: 0
set-cookie: IDE=AHWqTUnOSYwAR3nmSvcB49KbaskJnPCO-9qIQ8b_XadsEwlyYW_-eDIdmC994XlK; expires=Sat, 29-May-2021 12:21:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 04 May 2020 12:21:10 GMT
cache-control: private

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ 25 KB
25 KB 37ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1588594870674
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 04 May 2020 12:21:10 GMT
Last-Modified: Mon, 13 Apr 2020 14:51:12 GMT
ETag: "1586789472"
X-HW: 1588594870.dop011.fr8.t,1588594870.cds130.fr8.shn,1588594870.cds130.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://citizentv.co.ke
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ 59 B
613 B 3234ms
130ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=6255073&loc=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept: application/xml, text/xml
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 May 2020 12:21:13 GMT
Server: nginx
Access-Control-Allow-Origin: https://citizentv.co.ke
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59
x-sticky-vk: 1588594873855062-43
Expires: Mon, 04 May 2020 12:21:13 GMT

GET

wGbQAlJJ
sync-tm.everesttech.net/upi/pid/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJP5Plq73v_5HXwX1boISes&google_cver=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=ee95dddd-4ee4-4be0-a387-f3623c81c9f3
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XrAIugAAAGX0rSTo
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XrAIugAAAGX0rSTo&_test=XrAIugAAAGX0rSTo
https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1137&159=CAESEJP5Plq73v_5HXwX1boISes&45=XrAIugAAAGX0rSTo&892=ee95ddd...
https://ads.stickyadstv.com/user-registering?dataProviderId=1137
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent={GDPR_CONSENT_285}&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent={GDPR_CONSENT_285}&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&mm_bnc...
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d5c95eb0-08ba-4200-aded-af0daa24c715
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHFCHOWMYcXJQG0aBK0EqAM&google_cver=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0ebe02fd-66e8-48ce-9e9d-34e347b3b10c
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D

0
0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 434A 0
0 262ms
262ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&h=280&adk=860339186&adf=1076430020&w=340&fwrn=4&fwrnh=100&lmt=1588594870&rafmt=1&to=qs&pwprc=8630389563&psa=0&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588594870741&bpp=1&bdt=1122&idt=-M&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444%2C0x0&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=1286&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aS1nnBzTWq&p=https%3A//citizentv.co.ke&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5685268660263342&output=html&h=280&adk=860339186&adf=1076430020&w=340&fwrn=4&fwrnh=100&lmt=1588594870&rafmt=1&to=qs&pwprc=8630389563&psa=0&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588594870741&bpp=1&bdt=1122&idt=-M&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444%2C0x0&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=1286&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aS1nnBzTWq&p=https%3A//citizentv.co.ke&dtd=22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnOSYwAR3nmSvcB49KbaskJnPCO-9qIQ8b_XadsEwlyYW_-eDIdmC994XlK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 04 May 2020 12:21:11 GMT
server: cafe
content-length: 21328
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E9B5 0
0 375ms
374ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5685268660263342&output=html&h=90&adk=4204718025&adf=2824717477&w=1200&fwrn=4&fwrnh=100&lmt=1588594870&rafmt=1&to=qs&pwprc=8630389563&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588594870741&bpp=1&bdt=1122&idt=1&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444%2C0x0%2C340x280&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=2747&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=QGPJtq8fm5&p=https%3A//citizentv.co.ke&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5685268660263342&output=html&h=90&adk=4204718025&adf=2824717477&w=1200&fwrn=4&fwrnh=100&lmt=1588594870&rafmt=1&to=qs&pwprc=8630389563&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588594870741&bpp=1&bdt=1122&idt=1&shv=r20200428&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x444%2C0x0%2C340x280&nras=1&correlator=1805444089805&frm=20&pv=1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&ga_fc=0&iag=0&icsg=2849934139195400&dssz=70&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=2747&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064802%2C21065472%2C21065475%2C44716867%2C182982100%2C26835105&oid=3&pvsid=4489863750794463&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=QGPJtq8fm5&p=https%3A//citizentv.co.ke&dtd=30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnOSYwAR3nmSvcB49KbaskJnPCO-9qIQ8b_XadsEwlyYW_-eDIdmC994XlK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 04 May 2020 12:21:11 GMT
server: cafe
content-length: 14104
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 492 B
1006 B 3182ms
598ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.0.1&focus=true&percentViewable=100&componentId=intext-roll&playbackMethod=5&playbackEnd=1&componentVersion=2.5.6.0&it=1&loc=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&zoneId=6255073&videoSlotCanAutoPlay=true&fullscreen=false&playerSize=740x416&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8f0a0b3869895c7399ed76692a36cb4fe66186c73774bb4cf929a9498a845a69

Request headers

Accept: application/xml, text/xml
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 May 2020 12:21:14 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://citizentv.co.ke
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 492
x-sticky-vk: 1588594874038066-104
Expires: Mon, 04 May 2020 12:21:14 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
16 KB 384ms
384ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4489863750794463&correlator=2912246972262950&output=ldjh&impl=fifs&adsid=NT&eid=21064212%2C21064365%2C21065516%2C44716867&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200504&iu_parts=72835659%2Croad_block_ad_unit%2Cnews_in_article_top_banner%2Cctv_new_news_mid_content%2Cnews_in_article_right_1_336x280%2Cnews_in_article_right_2_336x280%2Cnews_in_article_right_3_336x280%2Cctv_new_endofcontent%2Carticle_alsoread_ad&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=480x320%2C970x90%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1588594872&dt=1588594872888&dlt=1588594869619&idt=3250&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-15%2C249%2C993%2C993%2C993%2C238%2C-9&adys=-9%2C85%2C491%2C298%2C1116%2C2231%2C1728%2C-9&adks=3197533127%2C3851306618%2C294496204%2C4138049894%2C3910845016%2C2264558978%2C22599821%2C1824290934&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&dssz=71&icsg=2849934139195400&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1615x120%7C300x250%7C340x270%7C340x270%7C340x270%7C740x120%7C0x-1&msz=0x-1%7C1615x90%7C300x250%7C340x250%7C340x250%7C340x250%7C740x90%7C0x-1&ga_vid=1537301747.1588594870&ga_sid=1588594871&ga_hid=182960619&fws=2%2C4%2C4%2C4%2C4%2C4%2C4%2C2&ohw=0%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6a4613b65a4aa722ef9455b597d5873c31c9ed673b8d67cba36fc102f4fad2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15678
x-xss-protection: 0
google-lineitem-id: -2,5347911486,5347911486,5324873483,-2,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138308763165,138308763600,138277560602,-2,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://citizentv.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 127ms
29ms Image
image/gif 143.204.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Suspect%20linked%20to%20con%20game%20busted%20trying%20to%20board%20flight%20at%20JKIA%20-%20Citizentv.co.ke&time=1588594872939&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&random_number=2018313764&sess_cookie=0f88d1d5171dfa2126a97854256&sess_cookie_flag=1&user_cookie=0f88d1d5171dfa2126a97854256&user_cookie_flag=1&dynamic=true&domain=citizentv.co.ke&account=iNLhl1ao9rD0/9&jsv=20130128&user_lang=en-US
Requested by: Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-126.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 03 May 2020 19:57:41 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 82351
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: Q_dnCK3ZzVEMl2pLjWeBeNgCrr1Q01Al_NhnSptxC-6tpH2qN3517w==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 0816 200 KB
55 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Origin: https://citizentv.co.ke

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3353
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55871
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:20 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 0816 200 KB
56 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3353
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55871
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 0816 93 KB
28 KB 45ms
32ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3336
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28417
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:37 GMT

GET
DATA 200
OK truncated
/ Frame 0816 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afcfcbecfc3c267460930103eec5d0dd3aaedaa77088b1901eeac4767b2b15d0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ 20 KB
7 KB 36ms
28ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3341
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7162
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "124c7b7cd5d53550"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:32 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 17B6 200 KB
56 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Origin: https://citizentv.co.ke

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3353
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55871
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:20 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 17B6 200 KB
55 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3353
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55871
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 17B6 93 KB
28 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3336
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28417
x-xss-protection: 0
server: sffe
date: Mon, 04 May 2020 11:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 May 2021 11:25:37 GMT

GET
DATA 200
OK truncated
/ Frame 17B6 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 560a25ee2e66980d910495b9bb33b205eaa13f71e0ce848ca6af270d565aec42

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame CBA5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 04 May 2020 11:25:20 GMT
expires: Tue, 04 May 2021 11:25:20 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3353
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 10965926952669658848
tpc.googlesyndication.com/simgad/ Frame 0816 62 KB
62 KB 21ms
18ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10965926952669658848

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad3d84470e239434639793e4f95b64d4363ecf9ce772a79f2e72bb427948888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 17:53:06 GMT
x-content-type-options: nosniff
age: 930487
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63509
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 14:16:55 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 17:53:06 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0816 0
332 B 48ms
46ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4PwN34lqGLqNGs0RrenaHbmOp4kWRLFAxh7Zm066R1yVvEFJfE2AbpuivB5iaXojIMpMYo7gB46ibgzQMNbbDhTVQ_hXrdgm1M-bp7ntkMnolDY6c9Hh_zSu_Mrmy6R62KfpujLKYN9r73i_Om78YyzntA7i3-enkd_0gxOJ3kyTUVriJMwCxj5E5m4e62pixBi3W_KAZnn2F-NBuwWQPMel9_47VE7vmlOlAnpQhgO8kg_FeWDsncurbSgYPUvRrkWCV8I-i3Ku89a-BQZt6woyI&sai=AMfl-YRBiqbpK6oSmBLY25s3ZevIo9Ta0Vkn2dbg92iK1jQqP201yURWGWPT4IjcWwjbWDm1y9uTdDBbnfrxbpvTSPXPwGLBs_UstvUkqqv_&sig=Cg0ArKJSzBuuDcpNwCHsEAE&adurl=

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 May 2020 12:21:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:13 GMT

GET
H2 200 14006110103910105389
tpc.googlesyndication.com/simgad/ Frame 17B6 51 KB
51 KB 17ms
15ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14006110103910105389

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a03bce5ab5bb406a2d02afd72d8c5a10af451ff57f7fbb4f2f1cc382ae1073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 14:38:52 GMT
x-content-type-options: nosniff
age: 1719741
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51970
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 14:19:51 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 14:38:52 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17B6 0
280 B 55ms
53ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumAFM93iflOzLcUg6_L6qftNoKLWPRY8YtFOS8hsBsW-hlRIO0SUKANv1tLnXvMintvbTsL66WAEY7FnzPtj3YFb1kkV39S1KwRIUArDsJo3j6v8o0xk0x6GRE_BtviQ3lOP3Jft_1oRG9J6iNrzSMCaZfgWFCyT3IHlJ9YOfEvdJRTfQ4iabx0Rv-2RODliFbwMxsQeEBqdVJsaOTsnzgvDmfVkG6hfA-wREow5rMxwvpeYQn-qEh8P78t11t2_fxlP7SaGOglItlZfE7sVK4Pow&sai=AMfl-YQH1MiE9pxMdzULI3TKXUrvSc-Ejk_ukncm6Tng9n01bcajtZ4bUyzWo6BJjqB4axm8FyDN4lFowLLRsP8DvJq7d3P_m5_b8VqYcaPA&sig=Cg0ArKJSzERO9eomNws5EAE&adurl=

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 May 2020 12:21:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:13 GMT

GET
H2 200 10965926952669658848
tpc.googlesyndication.com/simgad/ Frame 0816 62 KB
62 KB 6ms
5ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10965926952669658848

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad3d84470e239434639793e4f95b64d4363ecf9ce772a79f2e72bb427948888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 17:53:06 GMT
x-content-type-options: nosniff
age: 930487
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63509
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 14:16:55 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 17:53:06 GMT

GET
H2 200 14006110103910105389
tpc.googlesyndication.com/simgad/ Frame 17B6 51 KB
51 KB 8ms
5ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14006110103910105389

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a03bce5ab5bb406a2d02afd72d8c5a10af451ff57f7fbb4f2f1cc382ae1073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 14:38:52 GMT
x-content-type-options: nosniff
age: 1719741
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51970
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 14:19:51 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 14:38:52 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0816 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKqclQ-MmCy_uo2QYpvslgiJvoitl7hm5o0dPbwiHQ42zRWtRgmXTnCUheY0Vro237_Nfck1mCcPrB7jcqm16LRlw_4UWZOHIipeZITCY&sig=Cg0ArKJSzOU09viqBP54EAE&id=ampim&o=308,85&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=147&tls=1147&g=100&h=100&tt=1147&r=v&avms=ampa&adk=3851306618

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 17B6 42 B
110 B 16ms
16ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbzwpzXsTCXHOpqAR_Buyhafm7qrUr3NA7VBiDs9qr3fKzsecG17S_5kVYrjifPiEXbjGDLNSk5i2fES7v-clK5G2vKCWTkgyXndQIQ0E&sig=Cg0ArKJSzLtIDXaH_rHTEAE&id=ampim&o=249,491&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=112&tls=1112&g=100&h=100&tt=1112&r=v&avms=ampa&adk=294496204

Requested by

Host: citizentv.co.ke
URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie-iframe.html
cdn.viewst.com/cookie_iframe/ Frame 6B9A 0
0 55ms
55ms Document
text/html 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viewst.com/cookie_iframe/cookie-iframe.html
Requested by: Host: cdn.viewst.com
URL: https://cdn.viewst.com/probtn_concat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.15.1 /
Resource Hash

Request headers

Host: cdn.viewst.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

Date: Mon, 04 May 2020 12:21:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.15.1
Last-Modified: Monday, 04-May-2020 12:21:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
X-Server: prod-c1-m2
Content-Encoding: gzip
X-Via: 1.1 PSdgflkfFRA2gb73:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 5eb008ba_PSdgflkfFRA2lp7_26575-15353

GET
H/1.1 200
OK getClientSettings Show response
admin.viewst.com/1/functions/ 156 B
332 B 473ms
52ms Script
text/javascript 178.62.218.54
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.viewst.com/1/functions/getClientSettings?BundleID=citizentv.co.ke&DeviceType=web&Version=1.40.1814_02112017_dev&AZName=&log={%22type%22:%22probtnCID%22,%22cid%22:%221588594874710-1948970347%22}&DeviceUID=1588594874635-1174699728&DeviceCUID=1588594874710-1948970347&localDomain=citizentv.co.ke&SelectAdSet=&NetworkType=4g&X-ProBtn-Token=b04bb84b22cdacb0d57fd8f8fd3bfeb8ad430d1b&Location[Longitude]=0&Location[Latitude]=0&ScreenResolutionX=1200&ScreenResolutionY=1600&retina=1&ConnectionSpeed=10240&AdditionalTargetingParam=&ButtonFromInitDuration=0.08&SessionID=15885948747131174699728yt7teow3hs00&OriginalReferer=&DAPROPS=CacheBuster=o08riq52cg00&callback=jQuery19104309683698692328_1588594872611&_=1588594872612
Requested by: Host: cdn.viewst.com
URL: https://cdn.viewst.com/probtn_concat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.62.218.54 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 822f9e5974773b281ace34f5507c7f183b7e59492ad95652bd23a16419eb6cfe

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 04 May 2020 12:21:15 GMT
Content-Encoding: gzip
X-Probtn-Request-ID: T6JQuE
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 29ms
29ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200428&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f627c76131c823200e061aad3eea44744873551790bfd9a9b2384e3e325d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 May 2020 12:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5524
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 12:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Mon, 04 May 2020 12:21:16 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 6A89 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 04 May 2020 11:59:28 GMT
expires: Tue, 04 May 2021 11:59:28 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1308
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
49 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200428&jk=4489863750794463&bg=!Q0ClQFhY7EJS2URCirYCAAAAQlIAAAATmQF3Le7ppRHrBTWn4WM4TyI_oVt0Fz9hptF9e7mPvl7FUXIBbJkoUYVFSKZfIGOLWvsOsBwP3siNTFQYGO7dDvmwG4-OxfOhepioDPFznOJe-RDtrArFxh9d0pk0l9B6rvVdBhDTreAOAhaTcQ5QUaEMKL80IyV4aPIZ9tThCUTyjc64uvgYdAZGwnuTJjgbJu6NQ_feLlr9l-RI6BAFzySvPtyyDzstPjFLrZHJeF9L4fBRyKF0WIcRZNMjLl3S-THhpspEB0CaaSyIRW_qQdvHTWh2wHX8iLEfUP7XABvb0Sbky18TmPfIVn-bpwQwVnZikXrmyt89QDrH4J6P2ZrMGA68GK_XJJmcph8NQx0wTDX3KABbBS65NCGmcf_rXiKDyw697wJkloT3yDNAqyJTwoARvComw0UxWQ7MXj0xbkS0i7VhER1-ESGjFWQ6g9Vemg9d8XPnazjwcXKw4aPy2eOx0yaE6qg_zDNuNEO02AU_In0YaMlv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 May 2020 12:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 18:38:10	Name: IDE Value: AHWqTUlpisqIOdbZSzq4LMls2NUrS_1vrjR-h5Yv_sKJvF2nT_JkGpfJqyZLY8B5

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/(Line 29) Message: Script Loaded
console-api	log	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 24) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	warning	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 46) Message: JQMIGRATE: jQuery.attrFn is deprecated
console-api	log	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 48) Message: console.trace
console-api	warning	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 46) Message: JQMIGRATE: jQuery.fn.load() is deprecated
console-api	log	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 48) Message: console.trace
console-api	warning	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 46) Message: JQMIGRATE: jQuery.fn.toggle(handler, handler...) is deprecated
console-api	log	URL: https://hb.wpmucdn.com/citizentv.co.ke/532aa7e8-8150-4b37-81e5-a369f9bef368.js(Line 48) Message: console.trace
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true(Line 57) Message: 14:21:10,672 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true(Line 57) Message: 14:21:10,695 GenericOutstream Config smartPlay removed because it wasn't enabled in the component
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js(Line 6) Message: Exception in queued GPT command ReferenceError: topstickyad is not defined
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://citizentv.co.ke/news/suspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233/
console-api	warning	URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true(Line 57) Message: 14:21:14,217 com.stickyadstv.vast.Vast ERROR CODE : undefined -
console-api	warning	URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true(Line 57) Message: 14:21:14,221 outstream.InlineOutstream The Ad Banner has been collapse after an AdError event.
console-api	error	URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true(Line 57) Message: 14:21:14,222 GenericOutstream AD_ERROR Error: Request timeout. (url:'https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.0.1&focus=true&percentViewable=100&componentId=intext-roll&playbackMethod=5&playbackEnd=1&componentVersion=2.5.6.0&it=1&loc=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&zoneId=6255073&videoSlotCanAutoPlay=true&fullscreen=false&playerSize=740x416&supportsFlash=false&supportsJavascript=true'
console-api	error	URL: https://cdn.stickyadstv.com/prime-time/intext-roll.min.js?zone=6255073&contentClass=mid-content-also-read&smartPlay=true&auto=true(Line 57) Message: 14:21:14,223 outstream.intext-roll vpaid error: Error: Request timeout. (url:'https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.0.1&focus=true&percentViewable=100&componentId=intext-roll&playbackMethod=5&playbackEnd=1&componentVersion=2.5.6.0&it=1&loc=https%3A%2F%2Fcitizentv.co.ke%2Fnews%2Fsuspect-linked-to-con-game-busted-trying-to-board-flight-at-jkia-324233%2F&zoneId=6255073&videoSlotCanAutoPlay=true&fullscreen=false&playerSize=740x416&supportsFlash=false&supportsJavascript=true'
console-api	log	URL: https://cdn.viewst.com/probtn_concat.js(Line 1) Message: guid 1588594874710-1948970347
console-api	log	URL: https://hb.wpmucdn.com/citizentv.co.ke/9ffbf8f9-1c6b-41af-a935-47909ecd9e9e.js(Line 5) Message: SuperPWA service worker ready

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3dwnh01icn0h133s00sokwo1-wpengine.netdna-ssl.com
admin.viewst.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
cdn.ampproject.org
cdn.onesignal.com
cdn.onthe.io
cdn.stickyadstv.com
cdn.viewst.com
certify-js.alexametrics.com
certify.alexametrics.com
citizentv.co.ke
citizentvnews.disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.wpmucdn.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
sync-tm.everesttech.net
13.224.197.125
143.204.97.126
151.101.112.134
151.139.244.25
163.171.132.119
178.62.218.54
2.18.234.233
2001:4de0:ac19::1:b:3b
216.58.210.2
2606:4700::6812:e134
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::200e
2a00:1450:4001:819::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::200a
2a00:1450:4001:821::200e
2a00:1450:4001:825::2002
2a00:1450:400c:c08::9a
35.229.37.149
94.31.29.99
95.217.0.30
0081c35e384dc679cc768839effb63fc1ee25831512de7988d0b70e933a300b5
046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08c89611af5da8b407d86234cf9e12d6546e49799d0d8aaa9124f7b0f17db58a
08cba647a3e4d115c0ea22f8f679b5a549ede176ee5a83a53eb059909870770f
0a3565d4181b96ecd198208dae19dc737869a010485c509355d370bab84db854
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0bf01b95477bd82498e7370085a4e0d094e2271e8020f6f670b912e0955b89cf
0f6f42a6a378452de152380b832d5017a79c567ad2ce049cd2ff5d093be79253
1e6f794b95ec7c061dd1c57aab4ea7a064ed5d2f0bf84e57dd66c1ca248008ae
202e8cb1302327d41f65a9fb2e70a2d13eb599865efa4ef2c3aca75801fa8129
211fbedad62aa97475bbff8532886e3baa2d75e2a82db8d20bfcc86aa160ae1c
2167b2904db2316195e536b85bcd520cf20f6dc2ad139e9c5f3dbb742cc34ca5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9ede6aa6f36c52277f6c12978deca340e65a73f88bea6a5fdc001f928b9295
327b3ef1b6f503f2dbe08b395fed206944b1654277186774cccacd4f8155d54c
335952a562c72cbd14eef68652ec58c1e9e2b3919e3d426c7a89578c7560e9bb
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a03bce5ab5bb406a2d02afd72d8c5a10af451ff57f7fbb4f2f1cc382ae1073
36f34ba7b7f57ffcf6a45bdbde1f0c80b127d9151a5a8597ef2f38fde0a596b3
39095494b560ac002acc5797b8030385b266164569d19e67ab324ad0b12eecee
4026cae20d287221d4b3bd714017104045772b68ecf5841fc06fef9ba7317cdb
41cd490ed90162f4aef52a4ba2b140b8a61b0443648c964797fa286adfac0860
41f627c76131c823200e061aad3eea44744873551790bfd9a9b2384e3e325d46
43e82a52b82b363c5a4b7a456cd33d9f22e4531cd75aa54fa14f7743bef7b485
46fa94f9f8534a735a4a5c2549a044bc89e02872a796908f60a1325a1f8c9acd
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
4f56684c15d52dd1a49ccf53efff5d281f5fbb3c504292ca8ade76f5cd99b443
4f76a6a364180c23416f93062b4b400b4ab9570a65796c8a0617216e15516f5d
4f989688e05c9144016bdecdf7b7e03ecaa080f758301b78660c7fe21ab4b774
511e2d230c2a8be96eaa8f6fc7a48714fb03673308347416e8a9b07fd6731689
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
559a53506e17eb30507b2e10c8a5c5790583a1c2b7d320ef4144d246d9452469
560a25ee2e66980d910495b9bb33b205eaa13f71e0ce848ca6af270d565aec42
58ebfcf17ba7e100819d487d2836a47c51e98c38a593e546acbec3c92c13e529
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aa959ae7d103b55d7b4028d471d6f257b5c3e6d24be86fdcc773482e6acecd6
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059
66af67a852b1d9807421938a7f69bb7610d393998fb272a0d99803444cd9fb3e
6a4613b65a4aa722ef9455b597d5873c31c9ed673b8d67cba36fc102f4fad2f6
6c09e21aba68b991c55d93310eaddec3e123c184603dac82430efe684dcb7e8c
75445e28d453e22cbbcd33d86e273d2f1ef1e289d16562f9b16badbd0a09ba60
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c84d57fb2c5c2ce5f35ac53363812e96c81f5435c2a49a13e7220d5169b8b53
7e2baad2d634b32f661c291317b7370cd5de8f54a6a50a47ef58d09ce387c6b0
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
822f9e5974773b281ace34f5507c7f183b7e59492ad95652bd23a16419eb6cfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b05b67caa8d328bb672c6f034726e9b2fc905b93eb2cc074297f05aa99c6d14
8c71953de125451cd5e6108a4f3390a56153f95321c7a64a8f58162cc01caf89
8e84374cc30587cd5d80990fdcabb3576df4f998253c23651faca74d0eaad96a
8f0a0b3869895c7399ed76692a36cb4fe66186c73774bb4cf929a9498a845a69
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
944ded465484038953ebc3569116362fb26bd206facb124cfab8bf70e2a5929f
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9aa3cc9ee09c96861cf42bfd53fcaf70927297ce061729dae7be10cb6a8d3fa4
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a28f16bd1389086a867f1ab40d33bfcb5a1fda967e80f89832a0e7d72ffd6650
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
a6126148fa386d2cf3170f3c5ff055b5d6263032d387b25fda9ec173bc464995
a67d26e058f6f092f10c14e8f42fd2dc8959b22ea43fd98f781eb45e1a84e482
a763257204a111ce7c5976661779b1315987e3eb7a1a431d42e386d81c60f1b0
a8585d66048713d91cdad54179a42203d9aa2ec964fe476c2968b395827b3c4a
ace4832ab9c164d30c16021a73703d1eec77c10275a4cf9f00d5c2d7748ee9e3
ae3fbae853f5dd02d92194237d2ddf005a16f06dec665a5565fcd5b8526df17d
afcfcbecfc3c267460930103eec5d0dd3aaedaa77088b1901eeac4767b2b15d0
b725a77b2482dba7a1e3b74e74eb78ddc0fbb21cc2023f02b5f084a7e6389738
b74e467f1075dea79a9da9f749f36b0885098b1dd5084764d59eb52b6dd0465a
bad3d84470e239434639793e4f95b64d4363ecf9ce772a79f2e72bb427948888
c382334ef09b59dc53b1e1cf37a621f9b375d2eb61ea2acf453f323c3eaf0c8c
c605ba26f2bd8be5c3a35253aa908e06f6051be5a18ed8791a2d4580222962d3
c672bfc7c8a81fc8feda72b340f1fa37a33ce859f6c93aa029fe670f478d620a
c9e744aaf906be4317167ab331ce2d4e9766f423c03cbc23b69d058f94d16645
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce93df5d72c6382ba7c3c8ef60f2a0179db8d8163078157fb7ec6c43fc8da9b6
d49c6588decd10793ce0581c651f5cae1c0607ee71aa5ea1815f575494259dfe
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
e0ebf6855637412c4b780c618cc18a75728d37372eb9cc21c84da0202ca3a009
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e36ff018b2afd77b31a17ace2ac9930c004e291e132bcfe91540a77912b41f
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5243f633d891897d1dfa02c41760c057c34f3b0116e5cd55d54f411c41fadc3
f584c1721a20fcd78a800a26b2308f2ef5339713c01dd6005b4dcddd1e2c4bd7
f5b9c05ae7b05e6ef6129a065795922649a71851bd9f57d080dc86e3efa34a51
f659d360eab828bc07b3566b92dad8a929b75248116318ad803a953e6efb0ab9
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7884ee767a77a7868a3a01b6347351b3c9c8b0747e3d5ae67666cfccaf18f6e
f92ade0d7cc8993744f1b8fb1115aa8990b37ac0085125b180b87d9ec3d7337b
fdc6b96eba463e8c62765ccbe9a37ceada37f8b872b8e339dea6ead58c05da70
fde4524a884ab17e4f361385cc8ad457ec7937cceda02f9963afbecdea825a2d

citizentv.co.ke Open in urlscan Pro 35.229.37.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

62 %IPv6

22 Domains

33 Subdomains

28 IPs

8 Countries

1982 kBTransfer

4323 kBSize

1 Cookies

30 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

citizentv.co.ke Open in urlscan Pro
35.229.37.149 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

62 %
IPv6

22
Domains

33
Subdomains

28
IPs

8
Countries

1982 kB
Transfer

4323 kB
Size

1
Cookies

120 HTTP transactions
4 data transactions