newspost.co.ke Open in urlscan Pro
67.202.92.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.newspost.co.ke/
Effective URL:
https://newspost.co.ke/
Submission: On February 22 via automatic, source certstream-suspicious (February 22nd 2022, 5:25:48 pm UTC) — Scanned from DE

Summary HTTP 207 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 22 domains to perform 207 HTTP transactions. The main IP is 67.202.92.27, located in United States and belongs to STEADFAST, US. The main domain is newspost.co.ke.
TLS certificate: Issued by R3 on February 22nd 2022. Valid for: 3 months.

This is the only time newspost.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	67.202.92.27 67.202.92.27	32748 (STEADFAST) (STEADFAST)
20	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3 11	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
3 3	34.246.234.200 34.246.234.200	16509 (AMAZON-02) (AMAZON-02)
16	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:cf80:c203:5e45:e44	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.111.84 3.122.111.84	16509 (AMAZON-02) (AMAZON-02)
2 2	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	141.95.157.215 141.95.157.215	16276 (OVH) (OVH)
207	24

47 67.202.92.27 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: s27.wpx.net

www.newspost.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newspost.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.234.200 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:cf80:c203:5e45:e44 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.111.84 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.137 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.157.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3212474.ip-141-95-157.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	526 KB
47	newspost.co.ke 1 redirects www.newspost.co.ke newspost.co.ke	701 KB
36	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	199 KB
27	gstatic.com fonts.gstatic.com www.gstatic.com	586 KB
14	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	42 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	228 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	5 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314	82 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 288	1 KB
3	everesttech.net 3 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2907	1 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 927	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1492	1 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 487	1 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	592 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 582	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1330	415 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7252	336 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 776	324 B
1	seadform.net track.seadform.net — Cisco Umbrella Rank: 85995
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	646 B
207	22

	Domain	Requested by
46	newspost.co.ke	newspost.co.ke
33	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	pagead2.googlesyndication.com	newspost.co.ke pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
17	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
16	cm.g.doubleclick.net	newspost.co.ke googleads.g.doubleclick.net
11	www.google.com	3 redirects newspost.co.ke www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	newspost.co.ke googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	pixel.everesttech.net	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	onesignal.com	cdn.onesignal.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google-analytics.com	newspost.co.ke www.google-analytics.com
2	e.dlx.addthis.com	2 redirects
2	d.agkn.com	2 redirects
2	ag.innovid.com	googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cdn.onesignal.com	newspost.co.ke cdn.onesignal.com
1	googlecm.hit.gemius.pl	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	track.seadform.net	googleads.g.doubleclick.net
1	www.google.de	newspost.co.ke
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.newspost.co.ke	1 redirects
207	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
websitehostingkenya.com

Subject Issuer	Validity	Valid
newspost.co.ke R3	`2022-02-22` - `2022-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://newspost.co.ke/
Frame ID: 25B1C14004BB7FB31CBDF89CA396FF6C
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: AB4445B142EEFC10FF6269EDA4FF783B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&adk=1812271804&adf=1573534164&lmt=1645294005&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewspost.co.ke%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741200&bpp=4&bdt=573&idt=117&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7444831083380&frm=20&pv=2&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
Frame ID: 8A130319089A439D28AE2239E813CB72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&slotname=7760900016&adk=329817475&adf=3025194257&pi=t.ma~as.7760900016&w=1200&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741204&bpp=10&bdt=577&idt=131&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jNjdloKoW&p=https%3A//newspost.co.ke&dtd=135
Frame ID: 407B0DD47598615D8995F6B12919317C
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&co=aHR0cHM6Ly9uZXdzcG9zdC5jby5rZTo0NDM.&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=q266j1e52nwe
Frame ID: 05644F035FEB0081D0CD2E5042BCB17C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=2197940135&adf=1757964483&pi=t.aa~a.629734229~rp.4&w=1019&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=1019x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RWWIeffRY6&p=https%3A//newspost.co.ke&dtd=13
Frame ID: 5E90B0A4BC8DE56BA63079C4738F84B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36
Frame ID: 983B28A5DF9DBD5E1531F70B6FE7ED57
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40
Frame ID: 404867DD4B54C80FEF9FB026B7FEB787
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1
Frame ID: B2A3B6AE9F906A168317D9702878DC88
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1
Frame ID: C770AD9247DE73E85E80173DA8D92CD0
Requests: 16 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/d236ac784afdc66bd75f55f83c8bc285.js?tag=client_fast_engine_2019
Frame ID: 49A3AF44049F9BB015C50E82CD8F28E0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 34A9D0D7828532A93DF7CE9B60F9D69F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: ED83D66FCBC536F04E66ADB596254478
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: E0054D5CC1C018C246B6B120FAB56EEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 85BBE48EC1400914F1C7F53572A2C490
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 057C9A7119B83F385B87FE8ACA4C204E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: F81CCAEC55A9577D72790F514A391AF1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 102EBA9DE96D0BD58DD4FC012221AFB8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B4E71730A68A93BA12131DACC98F1C10
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F8A9B9CB012C5AD18D72E0B4A0C720B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: A788C5138B0DD400881BF30C71380A5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: B1BBA49C310DC6FFB94E954D240A171E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6751EED33067DF9AB77E8E187755879E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E74A9EE64C51E2734E6EE06FCA20DE7C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - News Post

Page URL History Show full URLs

https://www.newspost.co.ke/ HTTP 301
https://newspost.co.ke/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

207
Requests

93 %
HTTPS

59 %
IPv6

22
Domains

30
Subdomains

24
IPs

7
Countries

2394 kB
Transfer

5966 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Newspost-106416064370722/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newspostke/

Search URL Search Domain Scan URL

URL: https://twitter.com/Newspostkenya

Search URL Search Domain Scan URL

URL: https://websitehostingkenya.com/
Title: Web Hosting Kenya

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.newspost.co.ke/ HTTP 301
https://newspost.co.ke/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLO9UJtas-Z3OsRhAadyCdwrvDlKfQOhoLmUWBcvqTvhtzHDoW-y6D-_PveRt3DGDERcD2DljLauUIgMwMv-fLbtpII7-En&google_gid=CAESEFdGbaZFD9BI_VyP__LG76k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBTmo5LW1RUw&google_push=AYg5qPLO9UJtas-Z3OsRhAadyCdwrvDlKfQOhoLmUWBcvqTvhtzHDoW-y6D-_PveRt3DGDERcD2DljLauUIgMwMv-fLbtpII7-En

Request Chain 116

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ13GGrHgwtM3UwvyjsEbQY&google_cver=1&google_push=AYg5qPKUQNYlBJEHPSoL98syIcu4HHICHr09-Aj1V8V2qNSVjC-QGEScr4HeMWEV5twIKxVjNxKh-KuVJzcxICO-FBiTuQzoFwSM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ13GGrHgwtM3UwvyjsEbQY&google_cver=1&google_push=AYg5qPKUQNYlBJEHPSoL98syIcu4HHICHr09-Aj1V8V2qNSVjC-QGEScr4HeMWEV5twIKxVjNxKh-KuVJzcxICO-FBiTuQzoFwSM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sbzn-Jl9TbqCml9H6HRr-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUQNYlBJEHPSoL98syIcu4HHICHr09-Aj1V8V2qNSVjC-QGEScr4HeMWEV5twIKxVjNxKh-KuVJzcxICO-FBiTuQzoFwSM

Request Chain 117

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMUyBiEfAj6sB1VyhXx9yHs&google_cver=1&google_push=AYg5qPIhaEtRrmCNVmvh84KBHZMWe6WYPuICvDOcWSfApx4920yIW1mpe2f2wyRQAYchg1CDQXbwLnNzGHAkuD-JMhl_52kgNSij HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCM1QtMVItQTBH&google_push=AYg5qPIhaEtRrmCNVmvh84KBHZMWe6WYPuICvDOcWSfApx4920yIW1mpe2f2wyRQAYchg1CDQXbwLnNzGHAkuD-JMhl_52kgNSij

Request Chain 118

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjz6RT41dgkemprJByqsB4&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJjz6RT41dgkemprJByqsB4&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMtcEb7dofMph5WAUsFg3lc&google_cver=1&google_push=AYg5qPJXjnRTFv8rebn5XBsSW0Wz8ysdmvnJ8-bV3QOKOwzIigAbTaPNT_BIk5VpsGgGBY1Q_YO_3IHKF4lSn2i0ndMTawssTIaI HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJXjnRTFv8rebn5XBsSW0Wz8ysdmvnJ8-bV3QOKOwzIigAbTaPNT_BIk5VpsGgGBY1Q_YO_3IHKF4lSn2i0ndMTawssTIaI&google_hm=5mKease9WgMG_K3evdOX5Q

Request Chain 146

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKbm9Vik3tpulIciEcmTns4oOEFOpg7-rB8Ee_CoB-P6BhihO8D9DDgnaGOdSKWcrV-kpz4W4TVzsA2swi0OlhB_AI8kOS-&google_gid=CAESECgcQVkQ5q7_zKWW1HKYHeQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFCZFA5bTNKSA&google_push=AYg5qPKbm9Vik3tpulIciEcmTns4oOEFOpg7-rB8Ee_CoB-P6BhihO8D9DDgnaGOdSKWcrV-kpz4W4TVzsA2swi0OlhB_AI8kOS-

Request Chain 147

https://d.agkn.com/pixel/2175/?google_gid=CAESENfh05-a_G8A4voQ3pRdy7k&google_cver=1&google_push=AYg5qPInxUcuGMfQfLd-Gh-n9niFGJLpTR4xJqdC8w6RvziHfqdkU3JzZHwk7qKiCxRv0uHeSfEiQSsd1iblk8H2EdOLMxzE-xZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPInxUcuGMfQfLd-Gh-n9niFGJLpTR4xJqdC8w6RvziHfqdkU3JzZHwk7qKiCxRv0uHeSfEiQSsd1iblk8H2EdOLMxzE-xZS&google_hm=Q0FFU0VOZmgwNS1hX0c4QTR2b1EzcFJkeTdr

Request Chain 148

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLjXptGywWpzcAFeE6RBQMrPEqNPk3v6c0dSOc08UnlO3KLQ17Yd6hRx69kLByj36iN_WoEHFUtd-2gEApKUNpSoOl0TiDd&google_gid=CAESELIaKP-GYDVuGrQjssZ6kfE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLjXptGywWpzcAFeE6RBQMrPEqNPk3v6c0dSOc08UnlO3KLQ17Yd6hRx69kLByj36iN_WoEHFUtd-2gEApKUNpSoOl0TiDd&google_gid=CAESELIaKP-GYDVuGrQjssZ6kfE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMjIxNzI1NDMwMDA5OTQ1NDU3ODY4NQ%3D%3D&google_push=AYg5qPLjXptGywWpzcAFeE6RBQMrPEqNPk3v6c0dSOc08UnlO3KLQ17Yd6hRx69kLByj36iN_WoEHFUtd-2gEApKUNpSoOl0TiDd

Request Chain 150

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDgwPpaUF3-o-eZoo2cY8-M&google_cver=1&google_push=AYg5qPInoTXx6Zu5jOzehBVVVbBp-KqTyVwyKd3QBGN4kNRMElnk3BRlotP-9qD5Bz2ZkAH432UZ2ZiOXBO-NTgThVsgFjN2kzXc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOEEtWS1EVjU2&google_push=AYg5qPInoTXx6Zu5jOzehBVVVbBp-KqTyVwyKd3QBGN4kNRMElnk3BRlotP-9qD5Bz2ZkAH432UZ2ZiOXBO-NTgThVsgFjN2kzXc

Request Chain 153

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHmUVzi_ld9WmOiF_7BTnw&google_cver=1&google_push=AYg5qPIPQfgU6pIHQ3EYdx5RtSxRZf3JA3GKPpdERMwFwm47CJTXSL6owHuyHmwiUetuSsnm7uqFeuvFbnuuFdbfCFrM6PMSlmQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIPQfgU6pIHQ3EYdx5RtSxRZf3JA3GKPpdERMwFwm47CJTXSL6owHuyHmwiUetuSsnm7uqFeuvFbnuuFdbfCFrM6PMSlmQ&google_hm=5mKease9WgMG_K3evdOX5Q

Request Chain 154

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI3ggJJF3UClqlRxulUa5j5yyoFltU9yB9p-BMJmOg12aVU-VhlDY2QjbOKhIWDL2X1AcVvwMZTV-pHF8AiZgg_poAEtg4&google_gid=CAESEGGErZWopxIwiZajT-n7LtY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBZkB5dFV3Uw&google_push=AYg5qPI3ggJJF3UClqlRxulUa5j5yyoFltU9yB9p-BMJmOg12aVU-VhlDY2QjbOKhIWDL2X1AcVvwMZTV-pHF8AiZgg_poAEtg4

Request Chain 155

https://d.agkn.com/pixel/2175/?google_gid=CAESEFpmYZObSR5DsPYvC2NpYqE&google_cver=1&google_push=AYg5qPKfjnFu4mBJMWt1Vbx6DqPh3HdHx5U_XOpOR-EdK6vJeIa6WdjCpperSpRLLMzx_2MlabTibp-SzF-ShFgu9Kf3zkkdmjE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKfjnFu4mBJMWt1Vbx6DqPh3HdHx5U_XOpOR-EdK6vJeIa6WdjCpperSpRLLMzx_2MlabTibp-SzF-ShFgu9Kf3zkkdmjE&google_hm=Q0FFU0VGcG1ZWk9iU1I1RHNQWXZDMk5wWXFF

Request Chain 157

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEND0NjNv9LUlXdUos7rytyU&google_cver=1&google_push=AYg5qPLnigvUhzGGBAU8hN-PWPhgIMvlz9ZQDT2SgnTsysa_Ek5vip5yZqwN6q3JVeR9xyv5faXtUugmfd0JQwF--HuAwgykPqs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOTQtRC1WQUI=&google_push=AYg5qPLnigvUhzGGBAU8hN-PWPhgIMvlz9ZQDT2SgnTsysa_Ek5vip5yZqwN6q3JVeR9xyv5faXtUugmfd0JQwF--HuAwgykPqs

Request Chain 158

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ

Request Chain 159

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOf9aVS0FHw_pbvLg2qYV4o&google_cver=1&google_push=AYg5qPKgY-xlV9WB80DndegK7ctXh5w4paixLuOSZukDD3FHSMWQShXQhuyRnrHgzicvuV4ssoaJqC3SPe4OVXMc_vd_E3R_LOts HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgY-xlV9WB80DndegK7ctXh5w4paixLuOSZukDD3FHSMWQShXQhuyRnrHgzicvuV4ssoaJqC3SPe4OVXMc_vd_E3R_LOts&google_hm=

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

207 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newspost.co.ke/
Redirect Chain

https://www.newspost.co.ke/
https://newspost.co.ke/

125 KB
19 KB

250ms
231ms

Document
text/html

67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 22560e09d1591373849933d48a370da5ea3f0a5d40c4f592ae860f6907560125

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=-253135,public
expires: Sat, 19 Feb 2022 19:06:45 GMT
content-type: text/html; charset=UTF-8
last-modified: Sat, 19 Feb 2022 18:06:45 GMT
etag: "4a0a-621131b5-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding, Cookie
content-length: 18954
date: Tue, 22 Feb 2022 17:25:40 GMT
server: LiteSpeed
wpx: 1
referrer-policy
pragma: public

Redirect headers

x-powered-by: PHP/7.4.25
cf-edge-cache: cache,platform=wordpress
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://newspost.co.ke/
cache-control: public, max-age=3600
expires: Tue, 22 Feb 2022 18:25:40 GMT
content-length: 0
date: Tue, 22 Feb 2022 17:25:40 GMT
server: LiteSpeed
vary: User-Agent
wpx: 1
referrer-policy
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 autoptimize_0e9c3b42e4ea2e388dd82017d230a5dd.css
newspost.co.ke/wp-content/cache/autoptimize/css/ 663 KB
85 KB 232ms
231ms Stylesheet
text/css 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/wp-content/cache/autoptimize/css/autoptimize_0e9c3b42e4ea2e388dd82017d230a5dd.css
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: a9c7c54b39ca4e612fd23a10a04f0bf62499bbbb23d6b1be695eaf9ace0202e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:40 GMT
content-encoding: br
referrer-policy
last-modified: Sat, 19 Feb 2022 18:06:45 GMT
server: LiteSpeed
etag: "a5d5d-621131b5-0;br"
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
accept-ranges: bytes
wpx: 1
content-length: 86942
expires: Sun, 12 Feb 2023 17:25:40 GMT

GET
H2 200 jquery.min.js Show response
newspost.co.ke/wp-includes/js/jquery/ 87 KB
30 KB 117ms
116ms Script
application/x-javascript 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/wp-includes/js/jquery/jquery.min.js
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:40 GMT
content-encoding: br
referrer-policy
last-modified: Sat, 21 Aug 2021 13:15:12 GMT
server: LiteSpeed
etag: "15db1-6120fc60-0;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 30273
expires: Wed, 22 Feb 2023 17:25:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 66ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cb1397b0a4fee18cdad17c484b3597b9c5d4ff20c548d519020526d7aa8f154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53916
x-xss-protection: 0
server: cafe
etag: 6967800716601426183
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H2 200 IMG-20200417-WA0021-300x72.jpg
newspost.co.ke/wp-content/uploads/2020/04/ 7 KB
7 KB 117ms
116ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/04/IMG-20200417-WA0021-300x72.jpg
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 76a89d7bd5f261ab866fee49966d23e5a8e11a2ca7fed95e8e7cfc74b4cf68ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:41 GMT
referrer-policy
last-modified: Fri, 17 Apr 2020 13:35:23 GMT
server: LiteSpeed
etag: "1a6f-5e99b09b-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6767
expires: Wed, 22 Feb 2023 17:25:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 48ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C800%7COswald%3A400%2C700%2C800%7COpen+Sans%3A400%2C600%2C700%2C800%7CRoboto+Condensed%3A400%2C500%2C700%2C800&display=swap

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

deccb03d2157bac79af55ff1d5b7ceee3a42fd730c20b2d55e3025418837bba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 17:25:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 17:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H2 200 regenerator-runtime.min.js Show response
newspost.co.ke/wp-includes/js/dist/vendor/ 6 KB
2 KB 225ms
225ms Script
application/x-javascript 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:40 GMT
content-encoding: br
referrer-policy
last-modified: Wed, 26 Jan 2022 12:07:21 GMT
server: LiteSpeed
etag: "195e-61f13979-0;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 2330
expires: Wed, 22 Feb 2023 17:25:40 GMT

GET
H2 200 wp-polyfill.min.js Show response
newspost.co.ke/wp-includes/js/dist/vendor/ 19 KB
7 KB 116ms
115ms Script
application/x-javascript 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
referrer-policy
last-modified: Wed, 26 Jan 2022 12:07:21 GMT
server: LiteSpeed
etag: "4b3d-61f13979-0;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6810
expires: Wed, 22 Feb 2023 17:25:41 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 51ms
22ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&ver=3.0

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93eefc2bd8310646e1b64ef66326ca6d7ee2211805aa77829038f1aefcfdb24f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 61ms
25ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3096
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e19ea4399c46964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 25 Feb 2022 17:25:41 GMT

GET
H2 200 autoptimize_481a3998167c34a226c2d87322b9bc03.js Show response
newspost.co.ke/wp-content/cache/autoptimize/js/ 274 KB
63 KB 117ms
116ms Script
application/x-javascript 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/wp-content/cache/autoptimize/js/autoptimize_481a3998167c34a226c2d87322b9bc03.js
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: f700c30042e9fc158368a63f1874c0b6b7455fb9e4b53e14235b13226dff7936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
referrer-policy
last-modified: Sat, 19 Feb 2022 18:06:44 GMT
server: LiteSpeed
etag: "449fd-621131b4-0;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public, immutable,public
accept-ranges: bytes
wpx: 1
content-length: 64467
expires: Wed, 22 Feb 2023 17:25:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4849
date: Tue, 22 Feb 2022 16:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 18:04:52 GMT

GET
H2 200 newsmag.woff
newspost.co.ke/wp-content/themes/Newsmag/images/icons/ 19 KB
20 KB 116ms
116ms Font
application/font-woff 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/wp-content/themes/Newsmag/images/icons/newsmag.woff?15
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/wp-content/cache/autoptimize/css/autoptimize_0e9c3b42e4ea2e388dd82017d230a5dd.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: b24763119a9aa6bc836fada5889c6f2ebde0a4a99621d417073bb7ff0d95bca7

Request headers

Referer: https://newspost.co.ke/wp-content/cache/autoptimize/css/autoptimize_0e9c3b42e4ea2e388dd82017d230a5dd.css
Origin: https://newspost.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:41 GMT
referrer-policy
last-modified: Sun, 21 Nov 2021 10:53:39 GMT
server: LiteSpeed
etag: "4da0-619a2533-0;;;"
vary: User-Agent
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 19872
expires: Wed, 22 Feb 2023 17:25:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C800%7COswald%3A400%2C700%2C800%7COpen+Sans%3A400%2C600%2C700%2C800%7CRoboto+Condensed%3A400%2C500%2C700%2C800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newspost.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 09:58:52 GMT
x-content-type-options: nosniff
age: 372409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 09:58:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 39ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newspost.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 516562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newspost.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 373058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 09:48:03 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v41/ 24 KB
24 KB 44ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v41/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newspost.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:49:27 GMT
x-content-type-options: nosniff
age: 560174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24080
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:40:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 05:49:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6001302459237650&plah=newspost.co.ke

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 16804192996499609317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame AB44 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Feb 2022 03:15:22 GMT
expires: Tue, 08 Mar 2022 03:15:22 GMT
cache-control: public, max-age=1209600
age: 51019
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 28ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 22 Feb 2022 18:05:55 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ 358 KB
142 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee5d8f682805ed45d8c9ff24941a1ad286763bf61e23fde210d41e5016607106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newspost.co.ke/
Origin: https://newspost.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144945
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 05:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 17:01:41 GMT

GET
H2 200 / Show response
newspost.co.ke/ 7 KB
2 KB 147ms
146ms Script
application/javascript 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://newspost.co.ke/?gdbc-client=3.1.43-1645550741269
Requested by: Host: newspost.co.ke
URL: https://newspost.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed / PHP/7.4.25
Resource Hash: 1fd5cb1b323aeb7302c510487a04f6645d64b2579bc9cc24f8ac2c690f0de7ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
referrer-policy
wpx: 1
server: LiteSpeed
x-powered-by: PHP/7.4.25
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 2075
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 102ms
91ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2203
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e19ea45080c8fc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 25 Feb 2022 17:25:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 42ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newspost.co.ke&callback=_gfp_s_&client=ca-pub-6001302459237650

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6001302459237650&plah=newspost.co.ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cb84362f190a0f4a3dc9af0150e8524c07e0402ea1d617075e5f5c10e4abd6ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 72ms
26ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newspost.co.ke

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 51ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newspost.co.ke

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A13 254 KB
59 KB 477ms
458ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&adk=1812271804&adf=1573534164&lmt=1645294005&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewspost.co.ke%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741200&bpp=4&bdt=573&idt=117&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7444831083380&frm=20&pv=2&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a55cf8768eb759aff04f29bc381c602edbc516a5383c76ac477d54c9dab3fae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 17:25:41 GMT
server: cafe
content-length: 60051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:41 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 407B 83 KB
30 KB 737ms
727ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&slotname=7760900016&adk=329817475&adf=3025194257&pi=t.ma~as.7760900016&w=1200&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741204&bpp=10&bdt=577&idt=131&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jNjdloKoW&p=https%3A//newspost.co.ke&dtd=135

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e63cd40574ee0ce00b2c91989f15bd9f0aa92542c93f31426fd3723b14e621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 30347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56833578-44&cid=2030211238.1645550741&jid=1901102099&gjid=241913908&_gid=50402701.1645550741&_u=KGBAgEIhAAAAAE~&z=1885255710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newspost.co.ke/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 17:25:41 GMT
content-type: text/plain
access-control-allow-origin: https://newspost.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=812221076&t=pageview&_s=1&dl=https%3A%2F%2Fnewspost.co.ke%2F&ul=en-us&de=UTF-8&dt=Home%20-%20News%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIh~&jid=1901102099&gjid=241913908&cid=2030211238.1645550741&tid=UA-56833578-44&_gid=50402701.1645550741&z=1686148845

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 19:58:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77259
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0564 41 KB
21 KB 50ms
30ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&co=aHR0cHM6Ly9uZXdzcG9zdC5jby5rZTo0NDM.&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=q266j1e52nwe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9240d316abe68ac184fe67433923c77e135a0dd33015d4af42569b392af90a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KqjCjC+jJwnb8gxV4yXBWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Feb 2022 17:25:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-KqjCjC+jJwnb8gxV4yXBWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21854
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 web Show response
onesignal.com/api/v1/sync/53177436-f72e-4555-a07a-49b32233e663/ 3 KB
2 KB 338ms
329ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/53177436-f72e-4555-a07a-49b32233e663/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ef6933a44f2fc3b94aa69d10ad1d56bfe103bd8ff3245b9798d2e7ed60a7f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-envoy-upstream-service-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 99623a1b-9fed-455b-9095-ebdca94c96c9
x-runtime: 0.050784
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b5ef6933a44f2fc3b94aa69d10ad1d56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6e19ea45efa66964-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 22 Feb 2022 18:25:41 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56833578-44&cid=2030211238.1645550741&jid=1901102099&_u=KGBAgEIhAAAAAE~&z=135141356

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
32ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56833578-44&cid=2030211238.1645550741&jid=1901102099&_u=KGBAgEIhAAAAAE~&z=135141356

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ Frame 0564 51 KB
24 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&co=aHR0cHM6Ly9uZXdzcG9zdC5jby5rZTo0NDM.&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=q266j1e52nwe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 05:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:26:37 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ Frame 0564 358 KB
142 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee5d8f682805ed45d8c9ff24941a1ad286763bf61e23fde210d41e5016607106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144945
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 05:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 17:01:41 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0564 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 570011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Feb 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0564 15 KB
15 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 1140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0564 15 KB
15 KB 27ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 11267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0564 102 B
134 B 18ms
17ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e603b509658fdf55f0b46c6af2e7c189447f5046357e7d359b1fe6803574f7f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&co=aHR0cHM6Ly9uZXdzcG9zdC5jby5rZTo0NDM.&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=q266j1e52nwe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 17:25:41 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 0564 31 KB
18 KB 48ms
48ms XHR
application/json 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c00e5ee42ad3244ca8d252435e882bad6bd8b118273b4595ca86c650d9e3f715

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lea25EUAAAAAKHlvOlovMmGAPt1pQwhUx4TEU8s&co=aHR0cHM6Ly9uZXdzcG9zdC5jby5rZTo0NDM.&hl=de&v=1B_yv3CBEV10KtI2HJ6eEXhJ&size=invisible&cb=q266j1e52nwe
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18098
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 75ms
75ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2234
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6e19ea48285e8fc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Mar 2022 17:25:41 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 150 KB
53 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eccc811869d20e4620adbf26a3dd4ec6f36c50f1d05afda0e9927cd429e209f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54549
x-xss-protection: 0
server: cafe
etag: 16500740720032982357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 37ms
20ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newspost.co.ke

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
21ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newspost.co.ke

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E90 95 KB
33 KB 725ms
724ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=2197940135&adf=1757964483&pi=t.aa~a.629734229~rp.4&w=1019&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=1019x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RWWIeffRY6&p=https%3A//newspost.co.ke&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762129dae4db7fa09fbe559d66481dac053e829b21a687572e867af1080ccebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 34048
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 983B 72 KB
30 KB 737ms
736ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1432245187bf6dfa18959a616158d379c22c22a7927fc29d4022ceb42fe7088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 30397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4048 72 KB
30 KB 426ms
426ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd004317d475eb0a81e7ee90a64fed54636708c9d07f25cc7777a6e4dc76347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 30560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newspost.co.ke

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newspost.co.ke

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/ Frame B2A3 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Feb 2022 00:48:11 GMT
expires: Tue, 08 Mar 2022 00:48:11 GMT
cache-control: public, max-age=1209600
age: 59850
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/ Frame C770 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Feb 2022 00:48:11 GMT
expires: Tue, 08 Mar 2022 00:48:11 GMT
cache-control: public, max-age=1209600
age: 59850
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame B2A3 4 KB
634 B 39ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 16:24:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 17:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2A3 205 B
229 B 9ms
9ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 14:44:50 GMT
x-content-type-options: nosniff
age: 96051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Feb 2023 14:44:50 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2A3 604 B
628 B 10ms
9ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:03:50 GMT
x-content-type-options: nosniff
age: 26511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Feb 2023 10:03:50 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame B2A3 19 KB
8 KB 42ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d68d8c9b0afec111ca934d319c454fe9d57234d8915b2d837e36d54410ddf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8146
x-xss-protection: 0
server: cafe
etag: 10717154116364420598
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:15:33 GMT

GET
H3 200 d236ac784afdc66bd75f55f83c8bc285.js Show response
www.gstatic.com/mysidia/ Frame C770 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d236ac784afdc66bd75f55f83c8bc285.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3664
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:53:58 GMT

GET
H3 200 47b2c5ef24c0ac2e7e4fb8b2ded5fd84.js Show response
www.gstatic.com/mysidia/ Frame C770 8 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/47b2c5ef24c0ac2e7e4fb8b2ded5fd84.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d557e5430453c9223fde9cc2e2ab3030a37628310635ac468b2bc558933781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3622
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:53:58 GMT

GET
H3 200 545805d0ec1e49e0c88c01388d169265.js Show response
www.gstatic.com/mysidia/ Frame C770 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/545805d0ec1e49e0c88c01388d169265.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4591d944141dd05f65eac6c5b7a46145c8f425a10b8209bb2cfaed67048e3639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5855
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:50:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C770 8 KB
892 B 30ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 16:19:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 17:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 17:25:41 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C770 2 KB
984 B 40ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:00:28 GMT

GET
H3 200 d34df65fcafd90cc5429663efaa0dabf.js Show response
www.gstatic.com/mysidia/ Frame C770 6 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d34df65fcafd90cc5429663efaa0dabf.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c8e1b1a02e786dc2842bf830ea10563de9c49058163de036b0c1c978ded66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2261
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:54:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame C770 19 KB
8 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C770 2 KB
1 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C770 124 KB
38 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame C770 15 KB
6 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:07:59 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame C770 28 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:40:49 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/53177436-f72e-4555-a07a-49b32233e663/ 44 B
519 B 177ms
145ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/53177436-f72e-4555-a07a-49b32233e663/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e4c7e12b-92f9-4e96-ad88-7a45abdfaa8a
x-runtime: 0.010581
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6e19ea49aa7b0e2a-MXP
access-control-allow-headers: SDK-Version

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C770 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAGEAwBAoNECshAAAAAAAAHEAwAQoNEAMhAAAAoJnZTUAwBBIaQ05XdW1adnFrX1lDRmJYQkVRZ2RRNHNMd1EiFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/545805d0ec1e49e0c88c01388d169265.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C770 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnZTalRwVYpWQF7WDx_APw5auiAz73tvMaPyNic3vDrGJkK2SDhABILWF9nxgleKQgqAHoAGq3NiyAcgBAakCfkHkxLgJsz6oAwGqBM0BT9D9QzPCLys22Q3wL7PKY0hmjpj3vBwiEq9AN3IkARVs3aCCJ8o-VWLZHFuFQB_80IAnOrrAwrZ8v8ofr68SFwtLuLQ58IloXEKSB7tFzjjyQoj4DCGX5lXPF5N2URFQ44ZO1B_z-khRAJkAVA7-5YEyAtupaOSb1_KzlHjSYq0ENjQOPttXPMHppU3bKOIv3wwABJGbz3f5l2xZWZCTYmOmzZu3YRFluhefe1qO-F54SUP_RuZY8qOEIzc7GGjn8Tq3MDb52ltnZTCOisAE-rLRt9kDkgUECAQYAZIFBAgFGASAB9TOp80CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQq96yBdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi02MDAxMzAyNDU5MjM3NjUwGAA&sigh=5-h1JxN0APg&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 17:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 d236ac784afdc66bd75f55f83c8bc285.js Show response
www.gstatic.com/mysidia/ Frame 49A3 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d236ac784afdc66bd75f55f83c8bc285.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3664
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:53:58 GMT

GET
H3 200 545805d0ec1e49e0c88c01388d169265.js Show response
www.gstatic.com/mysidia/ Frame 49A3 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/545805d0ec1e49e0c88c01388d169265.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4591d944141dd05f65eac6c5b7a46145c8f425a10b8209bb2cfaed67048e3639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5855
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:50:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 49A3 6 KB
670 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 16:01:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 17:25:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 49A3 2 KB
904 B 28ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:00:28 GMT

GET
H3 200 d34df65fcafd90cc5429663efaa0dabf.js Show response
www.gstatic.com/mysidia/ Frame 49A3 6 KB
2 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d34df65fcafd90cc5429663efaa0dabf.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c8e1b1a02e786dc2842bf830ea10563de9c49058163de036b0c1c978ded66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2261
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:54:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 49A3 19 KB
8 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 49A3 2 KB
1 KB 30ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49A3 124 KB
38 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 49A3 15 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:07:59 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame 49A3 28 KB
12 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:40:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 34A9 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 22 Feb 2022 17:03:13 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C770 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAACRAMAQKDRAQIQAAAAAAwrJAMAQKDRARIQAAAAAANtFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAJiZCWFAMAQSGkNOV3VtWnZxa19ZQ0ZiWEJFUWdkUTRzTHdRIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/545805d0ec1e49e0c88c01388d169265.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 407B 6 KB
670 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&slotname=7760900016&adk=329817475&adf=3025194257&pi=t.ma~as.7760900016&w=1200&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741204&bpp=10&bdt=577&idt=131&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jNjdloKoW&p=https%3A//newspost.co.ke&dtd=135

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 16:05:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 17:25:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 407B 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:00:28 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 407B 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 407B 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 407B 124 KB
38 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 407B 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:07:59 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame 407B 28 KB
12 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:40:49 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4910348745643962454/ Frame 407B 10 KB
10 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4910348745643962454/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d4a9784b8fedd0e530920514d2d2454075e5c7b677c78555b514584d359fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:39:35 GMT
x-content-type-options: nosniff
age: 564367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10233
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 12:49:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Feb 2023 04:39:35 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13028642976647191406/ Frame 407B 790 B
817 B 10ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13028642976647191406/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6022e14eddb6b4746f32f9089d400bc06609ea43b99984741f48982621c5a339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 18:21:03 GMT
x-content-type-options: nosniff
age: 83079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 790
x-xss-protection: 0
last-modified: Mon, 30 Sep 2019 08:03:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Feb 2023 18:21:03 GMT

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame ED83 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:09:44 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame 407B 35 B
0 252ms
20ms Fetch
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=44373739;1x1inv=1;srctype=3;ord=2795314755

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 407B 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDrZPlRwVYsjOF9eXygXRnZT4CrC195RomJPlqdANkPC0gcoNEAEgtYX2fGCV4pCCoAegAcjk14oDyAEJqQJ-QeTEuAmzPqgDAcgDywSqBNIBT9CCdT3Utdve66N42VRSkGW0RZPspH3_wSdTxjqZcoizdNXFx-_7zGTo2iAswSOBXwGmVrTLPK7-H2vGA_JKhbjfa2xbM8IHFxloxYthhbbjox9wHNp-iOaVhkz3bYzIg1P72EYYTaSiXHczYSoqgyj5PzYaMOoyvcEof04-t5FFWY4LNzMTUxQGNVLSTzckTbhsDf8UOwre90HWlutlQOQ_mat6iag-LkGva4dogHHJwq22euf3dVRU88feVCSBPNGBBU5emimgjn0I4_yRCh5BwASttZzyrQOSBQQIBBgBkgUECAUYBKAGLoAHoJuodagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENSXtgfSCAkIgOGAEBABGB-ACgHICwHYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItNjAwMTMwMjQ1OTIzNzY1MBgA&sigh=UKn6aMYWEMo&uach_m=[UACH]&cid=CAQSGwCNIrLMEt90REDZbn39rlipu2KY5UX9j3wzBBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&slotname=7760900016&adk=329817475&adf=3025194257&pi=t.ma~as.7760900016&w=1200&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741204&bpp=10&bdt=577&idt=131&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jNjdloKoW&p=https%3A//newspost.co.ke&dtd=135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 17:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 34A9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

85ms
82ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49A3 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnRvd2VyQQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAUQDAECg0QAyEAAACAZuY9QDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAFEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAAA20UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAAADAV0AwBAoNEBQhAAAAAIAh0kAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAA0MxsWkAwBBIaQ05TdW1adnFrX1lDRmJYQkVRZ2RRNHNMd1EiHHNjcmVhbS90aHJvbmVfaW1hZ2VfbG9nb19vY2goEQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/545805d0ec1e49e0c88c01388d169265.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C770 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAEAT00AwBAoNEBUhAAAAAAAAKkAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAAAAgaEAwBAoNEDIhAAAAAKCZ2T8wBAoNEDMhAAAAAKCZ2T8wBAoNEDQhAAAAAKCZ2T8wBAoNEDUhAAAAAKCZ2T8wBAoNEDYhAAAAAKCZ2T8wBAoNEDchAAAAAKCZ2T8wBAoNEDghAAAAAMzM9D8wBAoNEDkhAAAAAM3MHkAwBAoNEDohAAAAgGZmIEAwBAoNEDshAAAAmJn5YEAwBAoNEDwhAAAA0Mz8YEAwBAoNED0hAAAAmJkJYUAwBAoNED4hAAAA0MwcaEAwBAoNED8hAAAA0MwcaEAwBAoNEEAhAAAA0MxsaEAwBBIaQ05XdW1adnFrX1lDRmJYQkVRZ2RRNHNMd1EiFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/545805d0ec1e49e0c88c01388d169265.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 407B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aff0445d20bca116ef1249e3a746dcb92bcd1fd97514ed3c196e21d8e416520f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 407B 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 516430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 17:58:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 407B 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 516563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 407B 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 373059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 09:48:03 GMT

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame E005 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:09:44 GMT

GET
H3 200 10856512049536793825
tpc.googlesyndication.com/daca_images/simgad/ Frame 4048 25 KB
25 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10856512049536793825

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

287728831c6885f9ca09542edb76705270f8a9ce70ff9765d8ca95ebb358afda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:56:32 GMT
x-content-type-options: nosniff
age: 437350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25916
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:19:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Feb 2023 15:56:32 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 4048 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4048 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4048 124 KB
38 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4048 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:07:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4048 0
0 28ms
27ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgHJS95pzrKmpldCPL9myPUksVgDZjmsFHBq5YyMPoQF-C_MFEd3HrEZPwmt8F6xUeXB1wxQk8i1qNORx2mErESUNMKw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 4048 28 KB
12 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11757
x-xss-protection: 0
server: cafe
etag: 16992248388390577427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:03:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4048 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuKeRlRwVYpCDOoLLygXn8ILQCNXn0MZo9NLDxJoP29keEAEgtYX2fGCV4pCCoAegAfL7098DyAECqQKL4yTeZwazPqgDAcgDyQSqBNABT9DdD8N8LCi-xUjTs3JBLCzjgigx2dPv6zbehpivS8VXXasZ9RlZMu0QL99WUP5t1ewlK_WswUq6b2DsfQGkm-7_gmC2MkRH2lTj0Sfwys6oSLQp4RFqxHexLWc3-pPBFdHeZYnXEpuhyx1Lq9QsvxK5C-86nQ-uxLYmGstC6Xxii0fex9iMKUVXEZ7QzJCFZ4eCHZHPcTowTdMPti13Wsq2dsrLdxiSU3gnrDCe3HdJef4eKYmepKbg2VX6GnyLHDrBgwdXoPBEFSNgbcX0H8AEgKqG1rQDkgUECAQYAZIFBAgFGASgBgKAB9nlsiaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCLoRzSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjAwMTMwMjQ1OTIzNzY1MBgA&sigh=RrvmDRpshFI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 17:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 85BB 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 22 Feb 2022 17:03:13 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 057C 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 22 Feb 2022 05:53:44 GMT
expires: Wed, 23 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 41518
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4048 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b730f7bce37ce68f83135bbffd6ded00a2b74e341b2c0993eb2252cb4e9af45e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 057C 35 B
463 B 43ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOpady5nK5hbsydLsMmo68U&google_cver=1&google_push=AYg5qPIY-A2x-iAW5BgaSL7yYofKrp4uSx6HWLRi3nFO4Eo_ozMHL_KMJMIUHDp-PanEXG3f-o7sG8R4J97AftYi3GFXRyFH8xY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 057C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLO9UJtas-Z3OsRhAadyCdwrvDlKfQOhoLmUWB...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBTmo5LW1RUw&google_push=AYg5qPLO9UJtas-Z3OsRhAadyCdwrvDlKfQOhoLmUWBcvqTvhtzHDoW-y6D-_PveRt3DGDERcD2DljLauUIgMwMv-fLbtpII7-En

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBTmo5LW1RUw&google_push=AYg5qPLO9UJtas-Z3OsRhAadyCdwrvDlKfQOhoLmUWBcvqTvhtzHDoW-y6D-_PveRt3DGDERcD2DljLauUIgMwMv-fLbtpII7-En

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBTmo5LW1RUw&google_push=AYg5qPLO9UJtas-Z3OsRhAadyCdwrvDlKfQOhoLmUWBcvqTvhtzHDoW-y6D-_PveRt3DGDERcD2DljLauUIgMwMv-fLbtpII7-En
Date: Tue, 22 Feb 2022 17:25:42 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 057C 43 B
351 B 40ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOCzqffbJFqtzlT0vhkt-fs&google_cver=1&google_push=AYg5qPIm5f18y11kSdYWFZlfTg_JkEw_QufhA_cd9LfpoELk4EE0Ob1pA4EtpX9YEtj0VOvNjCi3tgvW1gceF9f8VKNkAkBPYhA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: o95ame4b1t8sokhukmhtj1j5el3hk127

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 057C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sbzn-Jl9TbqCml9H6HRr-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sbzn-Jl9TbqCml9H6HRr-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUQNYlBJEHPSoL98syIcu4HHICHr09-Aj1V8V2qNSVjC-QGEScr4HeMWEV5twIKxVjNxKh-KuVJzcxICO-FBiTuQzoFwSM

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sbzn-Jl9TbqCml9H6HRr-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUQNYlBJEHPSoL98syIcu4HHICHr09-Aj1V8V2qNSVjC-QGEScr4HeMWEV5twIKxVjNxKh-KuVJzcxICO-FBiTuQzoFwSM
date: Tue, 22 Feb 2022 17:25:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 057C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMUyBiEfAj6sB1VyhXx9yHs&google_cver=1&google_push=AYg5qPIhaEtRrmCNVmvh84KBHZMWe6WYPuICvDOcWSfApx4920yIW1mpe2f2wyRQAYchg1CDQXb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCM1QtMVItQTBH&google_push=AYg5qPIhaEtRrmCNVmvh84KBHZMWe6WYPuICvDOcWSfApx4920yIW1mpe2f2wyRQAYchg1CDQXbwLnNzGHAkuD-JMhl_52kgNSij

170 B
188 B

37ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCM1QtMVItQTBH&google_push=AYg5qPIhaEtRrmCNVmvh84KBHZMWe6WYPuICvDOcWSfApx4920yIW1mpe2f2wyRQAYchg1CDQXbwLnNzGHAkuD-JMhl_52kgNSij

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCM1QtMVItQTBH&google_push=AYg5qPIhaEtRrmCNVmvh84KBHZMWe6WYPuICvDOcWSfApx4920yIW1mpe2f2wyRQAYchg1CDQXbwLnNzGHAkuD-JMhl_52kgNSij
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 057C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjz6RT41dgkemprJByqsB4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJjz6RT41dgkemprJByqsB4&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 057C 43 B
296 B 212ms
19ms Image
image/gif 2a05:d01c:1d8:8100:cf80:c203:5e45:e44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBmgDyvwTKwH4IimsSLPUW8&google_cver=1&google_push=AYg5qPKduGl6MZaYTRuvbEUR8SyQefqkeYTUOaEiyI1MYBXdlHlKrcX2MfR7t0cLpdN828h10MKPdfD9Li8YSQqGNYMLHAq64ooT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=100&adk=4055306948&adf=1734168693&pi=t.aa~a.183990385~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x100&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=0&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280%2C339x280&nras=4&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=631&ady=2286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4Pqx46h5pg&p=https%3A//newspost.co.ke&dtd=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:cf80:c203:5e45:e44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 057C 0
223 B 49ms
16ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KiuYwzwbv9NawcJGKvIjiRZQShRa9YoJOo7DwOeR20GUP5A1RI2NHqsawqopHs6ywDS_zH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 85BB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

73ms
72ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame F81C 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:09:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5E90 8 KB
892 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=2197940135&adf=1757964483&pi=t.aa~a.629734229~rp.4&w=1019&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=1019x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RWWIeffRY6&p=https%3A//newspost.co.ke&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 17:03:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 17:25:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 5E90 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:30 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame 5E90 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:55 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 5E90 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:20:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E90 124 KB
38 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 5E90 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:20:45 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame 5E90 28 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:40:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E90 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXJ6SlRwVYovwN8-bygXRlIgY_b2mwmi5o8P4vg3b2R4QASC1hfZ8YJXikIKgB6ABt4Pg8ALIAQmpAovjJN5nBrM-qAMByAPLBKoEygFP0GKpPKGAV0tDegz020hzZv4_Bm63sDtmoKyGL4gXTHUSzmOFRG2P6lu7QidQFsa51AZ5dv_5nKxaa1UexuMBeo4cfh5pa5eYhDFfLWID2HaGwO1LkYofteeGMEyfHCwGUU9QMKL05qLyOYHG-2DZ8fXQcly1h_mEpGnoNiXY33ybwffRyQNihFZ9_9vwCrAm2My1D9eUjM2lwkl-5wWN_1lIwuIymBdA0iQeGLmjbqoz6NylRthCi-hI7EJkVkIVFjWwbWAIJVOjwASer9yZrAOSBQQIBBgBkgUECAUYBKAGLoAHsfyfjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRC-s_sB0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi02MDAxMzAyNDU5MjM3NjUwGAA&sigh=J8yHrCUe6NA&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=2197940135&adf=1757964483&pi=t.aa~a.629734229~rp.4&w=1019&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=1019x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RWWIeffRY6&p=https%3A//newspost.co.ke&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 17:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4076510469189083412/ Frame 5E90 19 KB
19 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4076510469189083412/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5b93bb4a7fbf43eeb757a07f671c7f8562a4fb650c0768d1803b99b9ae7473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 23:12:03 GMT
x-content-type-options: nosniff
age: 238419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19452
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 17:12:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Feb 2023 23:12:03 GMT

GET
DATA 200
OK truncated
/ Frame 5E90 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5E90 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 102E 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 22 Feb 2022 05:53:44 GMT
expires: Wed, 23 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 41518
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 9770282723464898334
tpc.googlesyndication.com/daca_images/simgad/ Frame 983B 31 KB
31 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9770282723464898334

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4a0e482cd6957c079d57c0d79dc603ba4b7f4ef91dd6e8789cd3387686d6b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 22:32:33 GMT
x-content-type-options: nosniff
age: 327189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31243
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 13:42:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Feb 2023 22:32:33 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 983B 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 983B 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:22:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 983B 124 KB
38 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 983B 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 17:07:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 983B 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXwsZqti-kDMDd-v9xa4bHuhXklC4yWHr5vIuSsKfgJJ6QU6cv7Pzsl85blzchIdLn7vhKYStqQhjxDXLcJ1PVFp--lg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 983B 28 KB
12 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11757
x-xss-protection: 0
server: cafe
etag: 16992248388390577427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 14:03:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 983B 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTX2wlRwVYurNOdXPywXJ0rq4DtXn0MZoypbqoNsP29keEAEgtYX2fGCV4pCCoAegAfL7098DyAECqQJ-QeTEuAmzPqgDAcgDyQSqBMoBT9BohWnUfShshnh7OBS9SEASSf1uF6FxWOia_qyaq4-B0yhJ1DqVm8EFEqxjz3P8RZJPDLAicrfKtisIYOSVu_JdAYUCAxhegom7OnVNn4lN5D_pWxA5U3b98_HZKG5ze9VokLuEk8UkG9fZZP9j_JLyRD_pIGa-kQGtSQJ6-7h0MV08VUYOD1H8HIINHadTsGVlsR8IbBYeA4WdRTTnu7ZsIdO5h5AUAaKVIoL2ePHrQ8bB1yWlp1aLAapce4DOVyvHJxw7m-sSyMAEgKqG1rQDkgUECAQYAZIFBAgFGASgBgKAB9nlsiaoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRC6iN0C0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTYwMDEzMDI0NTkyMzc2NTAYAA&sigh=Pz0jkGui_DY&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Feb 2022 17:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B4E7 143 B
163 B 10ms
9ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 22 Feb 2022 17:03:13 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F8A 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 22 Feb 2022 05:53:44 GMT
expires: Wed, 23 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 41518
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 102E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMtcEb7dofMph5WAUsFg3lc&google_cver=1&google_push=AYg5qPJXjnRTFv8rebn5XBsSW0Wz8ysdmvnJ8-bV3QOKOwzIigAbTaPNT_...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJXjnRTFv8rebn5XBsSW0Wz8ysdmvnJ8-bV3QOKOwzIigAbTaPNT_BIk5VpsGgGBY1Q_YO_3IHKF4lSn2i0ndMTawssTIaI&google_hm=5mKease9WgMG...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJXjnRTFv8rebn5XBsSW0Wz8ysdmvnJ8-bV3QOKOwzIigAbTaPNT_BIk5VpsGgGBY1Q_YO_3IHKF4lSn2i0ndMTawssTIaI&google_hm=5mKease9WgMG_K3evdOX5Q

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJXjnRTFv8rebn5XBsSW0Wz8ysdmvnJ8-bV3QOKOwzIigAbTaPNT_BIk5VpsGgGBY1Q_YO_3IHKF4lSn2i0ndMTawssTIaI&google_hm=5mKease9WgMG_K3evdOX5Q
pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 102E
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKbm9Vik3tpulIciEcmTns4oOEFOpg7-rB8Ee_...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFCZFA5bTNKSA&google_push=AYg5qPKbm9Vik3tpulIciEcmTns4oOEFOpg7-rB8Ee_CoB-P6BhihO8D9DDgnaGOdSKWcrV-kpz4W4TVzsA2swi0OlhB_AI8kOS-

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFCZFA5bTNKSA&google_push=AYg5qPKbm9Vik3tpulIciEcmTns4oOEFOpg7-rB8Ee_CoB-P6BhihO8D9DDgnaGOdSKWcrV-kpz4W4TVzsA2swi0OlhB_AI8kOS-

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFCZFA5bTNKSA&google_push=AYg5qPKbm9Vik3tpulIciEcmTns4oOEFOpg7-rB8Ee_CoB-P6BhihO8D9DDgnaGOdSKWcrV-kpz4W4TVzsA2swi0OlhB_AI8kOS-
Date: Tue, 22 Feb 2022 17:25:42 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 102E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENfh05-a_G8A4voQ3pRdy7k&google_cver=1&google_push=AYg5qPInxUcuGMfQfLd-Gh-n9niFGJLpTR4xJqdC8w6RvziHfqdkU3JzZHwk7qKiCxRv0uHeSfEiQSsd1iblk8H2EdOLMxzE-xZS
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPInxUcuGMfQfLd-Gh-n9niFGJLpTR4xJqdC8w6RvziHfqdkU3JzZHwk7qKiCxRv0uHeSfEiQSsd1iblk8H2EdOLMxzE-xZS&google_hm=Q0FFU0VOZmgwNS1hX0c4Q...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPInxUcuGMfQfLd-Gh-n9niFGJLpTR4xJqdC8w6RvziHfqdkU3JzZHwk7qKiCxRv0uHeSfEiQSsd1iblk8H2EdOLMxzE-xZS&google_hm=Q0FFU0VOZmgwNS1hX0c4QTR2b1EzcFJkeTdr

Requested by

Host: newspost.co.ke
URL: https://newspost.co.ke/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 17:25:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPInxUcuGMfQfLd-Gh-n9niFGJLpTR4xJqdC8w6RvziHfqdkU3JzZHwk7qKiCxRv0uHeSfEiQSsd1iblk8H2EdOLMxzE-xZS&google_hm=Q0FFU0VOZmgwNS1hX0c4QTR2b1EzcFJkeTdr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 102E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLjXptG...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLjXptG...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMjIxNzI1NDMwMDA5OTQ1NDU3ODY4NQ%3D%3D&google_push=AYg5qPLjXptGywWpzcAFeE6RBQMrPEqNPk3v6c0dSOc08UnlO3KLQ17Yd6hRx69kLByj36...

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMjIxNzI1NDMwMDA5OTQ1NDU3ODY4NQ%3D%3D&google_push=AYg5qPLjXptGywWpzcAFeE6RBQMrPEqNPk3v6c0dSOc08UnlO3KLQ17Yd6hRx69kLByj36iN_WoEHFUtd-2gEApKUNpSoOl0TiDd

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMjIxNzI1NDMwMDA5OTQ1NDU3ODY4NQ%3D%3D&google_push=AYg5qPLjXptGywWpzcAFeE6RBQMrPEqNPk3v6c0dSOc08UnlO3KLQ17Yd6hRx69kLByj36iN_WoEHFUtd-2gEApKUNpSoOl0TiDd
pragma: no-cache
date: Tue, 22 Feb 2022 17:25:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 22 Feb 2022 17:25:43 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 102E 43 B
324 B 45ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELf7uyDDQft3WnCSN9myhLE&google_push=AYg5qPJSHJhtyCNoQMOSrFeubd75DEOrPKTHHbOI-plV2twAbtPaW10EspDd1Se6rAbjmJDTO4CfhHHeSDK_NLXTWLNgFjxWY796&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=2197940135&adf=1757964483&pi=t.aa~a.629734229~rp.4&w=1019&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=1019x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RWWIeffRY6&p=https%3A//newspost.co.ke&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 102E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDgwPpaUF3-o-eZoo2cY8-M&google_cver=1&google_push=AYg5qPInoTXx6Zu5jOzehBVVVbBp-KqTyVwyKd3QBGN4kNRMElnk3BRlotP-9qD5Bz2ZkAH432U...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOEEtWS1EVjU2&google_push=AYg5qPInoTXx6Zu5jOzehBVVVbBp-KqTyVwyKd3QBGN4kNRMElnk3BRlotP-9qD5Bz2ZkAH432UZ2ZiOXBO-NTgThVsgFjN2kzXc

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOEEtWS1EVjU2&google_push=AYg5qPInoTXx6Zu5jOzehBVVVbBp-KqTyVwyKd3QBGN4kNRMElnk3BRlotP-9qD5Bz2ZkAH432UZ2ZiOXBO-NTgThVsgFjN2kzXc

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOEEtWS1EVjU2&google_push=AYg5qPInoTXx6Zu5jOzehBVVVbBp-KqTyVwyKd3QBGN4kNRMElnk3BRlotP-9qD5Bz2ZkAH432UZ2ZiOXBO-NTgThVsgFjN2kzXc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 102E 43 B
296 B 22ms
20ms Image
image/gif 2a05:d01c:1d8:8100:cf80:c203:5e45:e44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESECLED0KXkGvi8zdXrYTv1G0&google_cver=1&google_push=AYg5qPIBEKMgE98tdqKI0gTHYNRPPyS9DbrEOKSsmdbi0JpAWY2UBdHR5S0jsBtcgu0_CFPMDsbZM_nShk99zy03EgZCB3FzxYrc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=2197940135&adf=1757964483&pi=t.aa~a.629734229~rp.4&w=1019&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=1019x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RWWIeffRY6&p=https%3A//newspost.co.ke&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:cf80:c203:5e45:e44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 102E 0
12 B 16ms
14ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_e8Znm-ichYea3MZjduT41cC2qo7E6_2mSbM2UIFP4awE8FBjjcsmKPtKQ_Eq2EK5yttR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F8A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHmUVzi_ld9WmOiF_7BTnw&google_cver=1&google_push=AYg5qPIPQfgU6pIHQ3EYdx5RtSxRZf3JA3GKPpdERMwFwm47CJTXSL6owH...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIPQfgU6pIHQ3EYdx5RtSxRZf3JA3GKPpdERMwFwm47CJTXSL6owHuyHmwiUetuSsnm7uqFeuvFbnuuFdbfCFrM6PMSlmQ&google_hm=5mKease9WgMG_...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIPQfgU6pIHQ3EYdx5RtSxRZf3JA3GKPpdERMwFwm47CJTXSL6owHuyHmwiUetuSsnm7uqFeuvFbnuuFdbfCFrM6PMSlmQ&google_hm=5mKease9WgMG_K3evdOX5Q

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIPQfgU6pIHQ3EYdx5RtSxRZf3JA3GKPpdERMwFwm47CJTXSL6owHuyHmwiUetuSsnm7uqFeuvFbnuuFdbfCFrM6PMSlmQ&google_hm=5mKease9WgMG_K3evdOX5Q
pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F8A
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI3ggJJF3UClqlRxulUa5j5yyoFltU9yB9p-BM...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBZkB5dFV3Uw&google_push=AYg5qPI3ggJJF3UClqlRxulUa5j5yyoFltU9yB9p-BMJmOg12aVU-VhlDY2QjbOKhIWDL2X1AcVvwMZTV-pHF8AiZgg_poAEtg4

170 B
188 B

22ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBZkB5dFV3Uw&google_push=AYg5qPI3ggJJF3UClqlRxulUa5j5yyoFltU9yB9p-BMJmOg12aVU-VhlDY2QjbOKhIWDL2X1AcVvwMZTV-pHF8AiZgg_poAEtg4

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWhVY2xnQUFBZkB5dFV3Uw&google_push=AYg5qPI3ggJJF3UClqlRxulUa5j5yyoFltU9yB9p-BMJmOg12aVU-VhlDY2QjbOKhIWDL2X1AcVvwMZTV-pHF8AiZgg_poAEtg4
Date: Tue, 22 Feb 2022 17:25:42 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F8A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEFpmYZObSR5DsPYvC2NpYqE&google_cver=1&google_push=AYg5qPKfjnFu4mBJMWt1Vbx6DqPh3HdHx5U_XOpOR-EdK6vJeIa6WdjCpperSpRLLMzx_2MlabTibp-SzF-ShFgu9Kf3zkkdmjE
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKfjnFu4mBJMWt1Vbx6DqPh3HdHx5U_XOpOR-EdK6vJeIa6WdjCpperSpRLLMzx_2MlabTibp-SzF-ShFgu9Kf3zkkdmjE&google_hm=Q0FFU0VGcG1ZWk9iU1I1RH...

170 B
188 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKfjnFu4mBJMWt1Vbx6DqPh3HdHx5U_XOpOR-EdK6vJeIa6WdjCpperSpRLLMzx_2MlabTibp-SzF-ShFgu9Kf3zkkdmjE&google_hm=Q0FFU0VGcG1ZWk9iU1I1RHNQWXZDMk5wWXFF

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 17:25:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKfjnFu4mBJMWt1Vbx6DqPh3HdHx5U_XOpOR-EdK6vJeIa6WdjCpperSpRLLMzx_2MlabTibp-SzF-ShFgu9Kf3zkkdmjE&google_hm=Q0FFU0VGcG1ZWk9iU1I1RHNQWXZDMk5wWXFF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 4F8A 43 B
64 B 25ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMz43klOfc76Pq7wZ_UfTck&google_cver=1&google_push=AYg5qPJdLd20LDx-SjFV8XwJogj5YgOqlZOc8aMwXhmtsDzlgx4jnMnWoaYmqKs7MeALzEH2lDAhToAoP0ZPO3imhubpfacd4Zk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6001302459237650&output=html&h=280&adk=3564907077&adf=1774053938&pi=t.aa~a.2980554792~rp.1&w=339&fwrn=4&fwrnh=100&lmt=1645294005&rafmt=1&to=qs&pwprc=9189067455&psa=0&format=339x280&url=https%3A%2F%2Fnewspost.co.ke%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645550741862&bpp=1&bdt=1235&idt=-M&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29f01753fe5dab02-220677f849cd00e7%3AT%3D1645550741%3ART%3D1645550741%3AS%3DALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ&prev_fmts=0x0%2C1200x280%2C1019x280&nras=3&correlator=7444831083380&frm=20&pv=1&ga_vid=2030211238.1645550741&ga_sid=1645550741&ga_hid=812221076&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=971&ady=1737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063221%2C31064018&oid=2&pvsid=880123659068048&pem=844&tmod=14437469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PuNnVVbzbX&p=https%3A//newspost.co.ke&dtd=36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: k452j1u8d59fq3ndtc10vn4vfml9p6n4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F8A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEND0NjNv9LUlXdUos7rytyU&google_cver=1&google_push=AYg5qPLnigvUhzGGBAU8hN-PWPhgIMvlz9ZQDT2SgnTsysa_Ek5vip5yZqwN6q3JVeR9xyv5faX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOTQtRC1WQUI=&google_push=AYg5qPLnigvUhzGGBAU8hN-PWPhgIMvlz9ZQDT2SgnTsysa_Ek5vip5yZqwN6q3JVeR9xyv5faXtUugmfd0JQwF--HuAwgykPqs

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOTQtRC1WQUI=&google_push=AYg5qPLnigvUhzGGBAU8hN-PWPhgIMvlz9ZQDT2SgnTsysa_Ek5vip5yZqwN6q3JVeR9xyv5faXtUugmfd0JQwF--HuAwgykPqs

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pZRUZCOTQtRC1WQUI=&google_push=AYg5qPLnigvUhzGGBAU8hN-PWPhgIMvlz9ZQDT2SgnTsysa_Ek5vip5yZqwN6q3JVeR9xyv5faXtUugmfd0JQwF--HuAwgykPqs
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4F8A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHH...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F8A
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOf9aVS0FHw_pbvLg2qYV4o&google_cver=1&google_push=AYg5qPKgY-xlV9WB80DndegK...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgY-xlV9WB80DndegK7ctXh5w4paixLuOSZukDD3FHSMWQShXQhuyRnrHgzicvuV4ssoaJqC3SPe4OVXMc_vd_E3R_LOts&google_hm=

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgY-xlV9WB80DndegK7ctXh5w4paixLuOSZukDD3FHSMWQShXQhuyRnrHgzicvuV4ssoaJqC3SPe4OVXMc_vd_E3R_LOts&google_hm=

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:42 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKgY-xlV9WB80DndegK7ctXh5w4paixLuOSZukDD3FHSMWQShXQhuyRnrHgzicvuV4ssoaJqC3SPe4OVXMc_vd_E3R_LOts&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 21 Feb 2022 17:25:42 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F8A 0
12 B 17ms
16ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8wS4cBWo4-n45MEyKvadTOl4YHVkpA0-BYbAlG84m_2Ad1YOnfnHjnrLxl_1tGDj8fsIUuQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B4E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

82ms
82ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 17:25:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Feb 2022 17:25:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5E90 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8715f4ef9ff4d7f6081b90c36f22bc412350fb9fd96f5634f324d43168b8c3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 5E90 28 KB
28 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 601873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:14:29 GMT

GET
DATA 200
OK truncated
/ Frame 983B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba45765ef59b94f9eee30231820b2e7c66ea52c729608117093b403eced8c867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame A788 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:09:44 GMT

GET
H2 200 images-33-180x135.jpeg
newspost.co.ke/wp-content/uploads/2021/12/ 10 KB
10 KB 116ms
116ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/images-33-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: d28c9853b8e794c0dd505a9a0f2db038aa47ab1954a4879799ab4c82fdd13ebe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:42 GMT
referrer-policy
last-modified: Thu, 30 Dec 2021 09:00:44 GMT
server: LiteSpeed
etag: "2692-61cd753c-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 9874
expires: Wed, 22 Feb 2023 17:25:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 43ms
24ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8896a5dec9e8f014bbfe43d92e33004184a9aa766952a1064710079564547cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 17:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9770
x-xss-protection: 0

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame B1BB 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:09:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 175ms
175ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 17:25:43 GMT

GET
H2 200 eachers-Service-Commission-TSC-Secretary-Dr.-Nancy-Macharia-800x500-1-180x135.gif
newspost.co.ke/wp-content/uploads/2022/01/ 17 KB
17 KB 160ms
160ms Image
image/gif 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2022/01/eachers-Service-Commission-TSC-Secretary-Dr.-Nancy-Macharia-800x500-1-180x135.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 909eb37b99359fa21aea9ecb87fa582cab9e93e2f9056d99914bac1696691ffd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Thu, 06 Jan 2022 18:18:51 GMT
server: LiteSpeed
etag: "43ea-61d7328b-0;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 17386
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-29-180x135.jpeg
newspost.co.ke/wp-content/uploads/2021/12/ 7 KB
7 KB 214ms
214ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/images-29-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: ae27fc77d0eb156e97da4b6619ae3c06c936c08daa49d0d12c52d1db46791457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 28 Dec 2021 06:28:59 GMT
server: LiteSpeed
etag: "1d50-61caaeab-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 7504
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-53-180x135.jpeg
newspost.co.ke/wp-content/uploads/2022/02/ 10 KB
10 KB 242ms
241ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2022/02/images-53-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 271643fd8b8bacb92f69371501658a8f7a40495884ac6ebaf7e4d8dfcb2302f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 01 Feb 2022 12:42:36 GMT
server: LiteSpeed
etag: "26e2-61f92abc-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 9954
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 Screenshot_20220109-070633-180x135.png
newspost.co.ke/wp-content/uploads/2022/01/ 46 KB
46 KB 226ms
226ms Image
image/png 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2022/01/Screenshot_20220109-070633-180x135.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 7c8bd571f869f872d78bc80280fd06d6027f91b0af19a5c0c227842bd2e9f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sun, 09 Jan 2022 06:50:54 GMT
server: LiteSpeed
etag: "b73c-61da85ce-0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 46908
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 1640784277413-180x135.jpg
newspost.co.ke/wp-content/uploads/2021/12/ 6 KB
6 KB 323ms
323ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/1640784277413-180x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: fe54364997f4ba47ab4730dc9c97a1873185f708f9ce5b02bcaa72fc0805cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Wed, 29 Dec 2021 13:29:42 GMT
server: LiteSpeed
etag: "1974-61cc62c6-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6516
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 td_180x135.png
newspost.co.ke/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/no-thumb/ 165 B
252 B 307ms
306ms Image
image/png 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/no-thumb/td_180x135.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: bcf2984124f54ff3dfc34a106359da45c07a175a8b4e155f0a7bb19d19dfe50f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sun, 21 Nov 2021 10:53:46 GMT
server: LiteSpeed
etag: "a5-619a253a-0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 165
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 IMG_20211204_201534-180x135.jpg
newspost.co.ke/wp-content/uploads/2021/12/ 6 KB
6 KB 233ms
232ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/IMG_20211204_201534-180x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: e41b0f766a88f999a08ce4bf45328c6fa2a1ca0971acba3e64f4e73235811459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sat, 04 Dec 2021 17:18:11 GMT
server: LiteSpeed
etag: "189d-61aba2d3-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6301
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 IMG_20211203_183137-180x135.jpg
newspost.co.ke/wp-content/uploads/2021/12/ 8 KB
8 KB 162ms
161ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/IMG_20211203_183137-180x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 5dbf870d1be461b1d728f6c4ac3902fa4c15de801dfb045580c9402a8a5ad18e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 03 Dec 2021 19:18:40 GMT
server: LiteSpeed
etag: "1e2d-61aa6d90-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 7725
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6751 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 17:03:08 GMT
expires: Wed, 22 Feb 2023 17:03:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E74A 783 B
532 B 21ms
21ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ccdd4c1596ddd9d261c6fcf11461b964342ceb2c7a5a93d46d9311f0008c8d7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wiuqr+ndkglIDw8pszoyXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 22 Feb 2022 17:25:43 GMT
date: Tue, 22 Feb 2022 17:25:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-wiuqr+ndkglIDw8pszoyXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 images-52-180x135.jpeg
newspost.co.ke/wp-content/uploads/2020/10/ 5 KB
5 KB 116ms
116ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/10/images-52-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: de3f0130a0dd4745fb15ec8a2affafe67d087ae5b6da549d5bc51e637dea48cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 30 Oct 2020 20:25:03 GMT
server: LiteSpeed
etag: "1469-5f9c769f-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 5225
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6751 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 16:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 16:09:44 GMT

GET
H2 200 luwi2-180x135.jpg
newspost.co.ke/wp-content/uploads/2020/05/ 6 KB
6 KB 116ms
116ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/luwi2-180x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 18991fa77f6e626dd508ce151e19777f7786b3e69ddd83d1855c3d7bcc641095

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Mon, 04 May 2020 12:22:40 GMT
server: LiteSpeed
etag: "1796-5eb00910-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6038
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E74A 0
0 58ms
58ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=880123659068048&rc=05AGEo2mMZZiphREIuqCikp6dGQ9_fygIqKk4rOt0vV1KVobrKRxnNeMyD_B-BI5ut6LrcHbXlMZbbxa8QqwA-88VfEI869-qnYxpoFDDVkaJsuhVocWp7TzgBHEO9vRyDiyejIZ1gt1g5WBCR9q7wR4hLe3A2IDX1bHkl3F6Gf4VHe6U9M0FtAWKRzNe98Cv93DYzog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 images-12-180x135.jpeg
newspost.co.ke/wp-content/uploads/2020/05/ 7 KB
7 KB 120ms
119ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/images-12-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: f53d2a0574dc252b3322f51ea98f84859441bec1a473d540d9ea2ae577a4f9f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sat, 02 May 2020 12:41:33 GMT
server: LiteSpeed
etag: "1b29-5ead6a7d-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6953
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-85-180x135.jpeg
newspost.co.ke/wp-content/uploads/2021/03/ 5 KB
5 KB 121ms
119ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/03/images-85-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: b773ba99216901143f6a603638504f4fbf915e42e5c766f2ebc4f95a0433b8fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 23 Mar 2021 20:48:01 GMT
server: LiteSpeed
etag: "1448-605a5401-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 5192
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 407B 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdu_Ik-zG9JP9NVk4CsTmlxemvUJ5xd5-lEx6yJfpC_ZK4H-tLVCj6sCDqTF9Sjs-bwLMKhJaGdopEllpBpSh1silHThVxzhLXu__RT4_dJjL8JqEieA&sai=AMfl-YR_m81pV-Q1CKfdIV92_60TwW81mBeE_NZhENGdBZawfz-fjp4SYDmPSuJK3fTZnOkCZ_YsiYgpDrIV&sig=Cg0ArKJSzKXmPlirnpi0EAE&cid=CAQSGwCNIrLMEt90REDZbn39rlipu2KY5UX9j3wzBBgB&id=lidar2&mcvt=1006&p=0,0,280,1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=329817475&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645550741340&rpt=916&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FB_IMG_15951682397469388-180x135.jpg
newspost.co.ke/wp-content/uploads/2020/07/ 3 KB
3 KB 121ms
120ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/07/FB_IMG_15951682397469388-180x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: c8a5b24f3de8a39b349eb498623aaae434b5e225bbb7629ab2fb3aa4d15f6374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sun, 19 Jul 2020 14:18:33 GMT
server: LiteSpeed
etag: "bb3-5f145639-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 2995
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6751 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aZx_Mw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 17:25:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 images-34-180x135.jpeg
newspost.co.ke/wp-content/uploads/2020/08/ 10 KB
10 KB 121ms
120ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/08/images-34-180x135.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 411fbe72793c78944afbf4c42d0d2f9f760abd1d03e987567d4d10263fcd4030

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 11 Aug 2020 07:56:16 GMT
server: LiteSpeed
etag: "29a5-5f324f20-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 10661
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 FB_IMG_15958344286726229-180x135.jpg
newspost.co.ke/wp-content/uploads/2020/07/ 3 KB
3 KB 122ms
121ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/07/FB_IMG_15958344286726229-180x135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: e56bd2c21fb05a64b70e2320a5bdcadcd01bfb8afc77665621e4b9855cff4596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Mon, 27 Jul 2020 07:23:32 GMT
server: LiteSpeed
etag: "c00-5f1e80f4-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 3072
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=880123659068048&bg=!qKulq-_NAAbf-5Dq3_s7ACkAdvg8Wsk4hkjWRi9r1APGq0hdkXxHO97H8NeNYDRfCBhkaAPQV72JEgIAAABOUgAAAAJoAQcKAGAugETphqpZBvUikx7bddUEM6gbSvCxPOxuPPIQhcmpGA9D5fu0bz0H0q4IIWJBr336_eg-sPI10oYQ0ne4foG9cIVzdOOZaxSG0HnFo2nTaOlewZ_pKelU8CqSj75hQQOZAsERwAdN9og0zbeAecyyaxftA0ZwgOAzmVQp3I-SuMXthy0K_qeaekIznw5zv5bYIVX1ayqQUJkwTPaJIBYcjntHVRjphlx8FkgVqKDZn9RoG7hYbzwXPegxqZT_Gxxa49ZnNf8pOfN71WTIdoXydCKMKGuy63xSwDUKWxCFXpuBiKqmZh-uSNIt9lakkQCX77Ho1JHTyvdhnHwAEV2xp5S84gnKYZNMNHvFUPUG8vxIz1o68dxJnhd4tiHgfuIDkG8f4jVICV1nh3U0-hipqBX4unokETi_71jnOFucvzYCVK6PgWxCF8fZCZfhlMLp1B1QYDbkHlpMLAFUlY52MfvzVofC6uuboyAQzVKpYjVYAYj587vKdfHVcWZ_6o96_yp9CY46ryekBX8czCDZnATC9e7as3pGqCSzWW0GuOfie0QIfVH-jPSY8r6xQ-eNaIARxi6QvyD-diSBHRXNQLNFdNgpDOM8NNSD9iaNfBWNq6jgJOaUfvDYJKaC7ZYC_jV9rkDQGyQpr8LilW2ep9TQ5UAvK2AXvvKNZ7OPHTWbZk1vjYlTJKcwbdvpfy3y5bBw_9F6CY6dKq21KCps3Ry0ZHLbIuFmVgT6RgYfABfJ36wHig8GL_zAq-14z-RFffv8GHPVSUnO2OX6I8uiZaIaMkIniNvCIaDpzYvntye_oCZY8Gv6lLPQu_TSfdSfUylOezolSA_AQEtE2ThSIjwPgFkkO2kdDVDZjIBt_wTy3ukUQz-ug9ExMABE0uVSR5_AUd7gocahJR9JPX2VFKumqIL-e96oee9rqXS0tQOvwBe16Uac4MQ34jpkN-tJNaiiE0PiOVCyo5tRCRbFHzfSZqP3gd_FltpW_zcso-2sqzrFT7QOys50xP63dnQdfCKS4TtVETr_CD_qWNMeiuhqfpPwknQLIRZAgKKBQbjxYlY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 17:25:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eachers-Service-Commission-TSC-Secretary-Dr.-Nancy-Macharia-800x500-1-100x75.gif
newspost.co.ke/wp-content/uploads/2022/01/ 7 KB
7 KB 121ms
121ms Image
image/gif 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2022/01/eachers-Service-Commission-TSC-Secretary-Dr.-Nancy-Macharia-800x500-1-100x75.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 7fb73435ce2add0864729acc8b0a64d1b7287fc187c97c5e22ec51aef10073df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Thu, 06 Jan 2022 18:18:51 GMT
server: LiteSpeed
etag: "1b44-61d7328b-0;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6980
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-29-100x75.jpeg
newspost.co.ke/wp-content/uploads/2021/12/ 3 KB
3 KB 120ms
118ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/images-29-100x75.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: d94128798dde000566886e897e49d2e4050349012a152d9fad09554339e612ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 28 Dec 2021 06:28:59 GMT
server: LiteSpeed
etag: "d41-61caaeab-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 3393
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-53-100x75.jpeg
newspost.co.ke/wp-content/uploads/2022/02/ 4 KB
4 KB 120ms
119ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2022/02/images-53-100x75.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: cf36350d05e000c58d4097845908f26a73046e183a3c5b0b2d313a4de105aa7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 01 Feb 2022 12:42:36 GMT
server: LiteSpeed
etag: "104a-61f92abc-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 4170
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 Screenshot_20220109-070633-100x75.png
newspost.co.ke/wp-content/uploads/2022/01/ 16 KB
16 KB 120ms
119ms Image
image/png 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2022/01/Screenshot_20220109-070633-100x75.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: a1c140364f2adea4f12b4e080b2d4cfca9f54d7fad7eec07e3a5d1f9eb23e82b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sun, 09 Jan 2022 06:50:54 GMT
server: LiteSpeed
etag: "402d-61da85ce-0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 16429
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 td_100x75.png
newspost.co.ke/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/no-thumb/ 157 B
209 B 120ms
119ms Image
image/png 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/no-thumb/td_100x75.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: e68e3de6a40afeeb8b8063b71e44f98c638a48b02701d2dca5b0a073d7106ab5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sun, 21 Nov 2021 10:53:46 GMT
server: LiteSpeed
etag: "9d-619a253a-0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 157
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 IMG_20211204_201534-100x75.jpg
newspost.co.ke/wp-content/uploads/2021/12/ 3 KB
3 KB 121ms
120ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/IMG_20211204_201534-100x75.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 2e88d996971d9ccd596a4fe2f3e75735bd799c523f31405b1a5f9235c019d2b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sat, 04 Dec 2021 17:18:11 GMT
server: LiteSpeed
etag: "b12-61aba2d3-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 2834
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 IMG_20211203_183137-100x75.jpg
newspost.co.ke/wp-content/uploads/2021/12/ 3 KB
3 KB 118ms
117ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/IMG_20211203_183137-100x75.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: f46ab1a8632cc8e50f3352ff20cb00fcec8b39a31c9ca2ab7d069e91d81cd6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 03 Dec 2021 19:18:40 GMT
server: LiteSpeed
etag: "d24-61aa6d90-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 3364
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-52-100x75.jpeg
newspost.co.ke/wp-content/uploads/2020/10/ 2 KB
2 KB 118ms
117ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/10/images-52-100x75.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 099095eb3a67dea412d16d2adc2111bc0ad34daf439073523b2dc97af981bbad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 30 Oct 2020 20:25:03 GMT
server: LiteSpeed
etag: "945-5f9c769f-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 2373
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 luwi2-100x75.jpg
newspost.co.ke/wp-content/uploads/2020/05/ 3 KB
3 KB 118ms
118ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/luwi2-100x75.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 4c2b8b86a366ac654e7d8956b8647b1dcc0e85231cb9f8c72cd87d0748efca29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Mon, 04 May 2020 12:22:40 GMT
server: LiteSpeed
etag: "b69-5eb00910-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 2921
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-12-100x75.jpeg
newspost.co.ke/wp-content/uploads/2020/05/ 3 KB
3 KB 116ms
116ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/images-12-100x75.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 819f832141513cf2b5184800b9618c2ff6e93dda621439d711f0bff9e12bddbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sat, 02 May 2020 12:41:33 GMT
server: LiteSpeed
etag: "d06-5ead6a7d-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 3334
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 IMG_20211207_090812.png
newspost.co.ke/wp-content/uploads/2021/12/ 169 KB
169 KB 116ms
116ms Image
image/png 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/12/IMG_20211207_090812.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: ae89c0f19e327e33f2f2f59be89c2f9ce7e267136546b46d793c21d09a89a2ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 07 Dec 2021 06:08:40 GMT
server: LiteSpeed
etag: "2a23d-61aefa68-0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 172605
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 magoha-768x511-1-238x178.jpg
newspost.co.ke/wp-content/uploads/2021/08/ 7 KB
7 KB 215ms
215ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/08/magoha-768x511-1-238x178.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 0e3b9bc26b71812265e911b6cc2332a2feeddf3a0a889e7a5fbc59800af97d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Mon, 02 Aug 2021 09:36:34 GMT
server: LiteSpeed
etag: "1b61-6107bca2-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 7009
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-8-238x178.jpeg
newspost.co.ke/wp-content/uploads/2020/05/ 11 KB
11 KB 199ms
199ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/images-8-238x178.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 885bbd281b2fe119ed1ce51cb41bd90d7578807b09e9c4aa52bcc87c696bf516

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sat, 16 May 2020 22:51:33 GMT
server: LiteSpeed
etag: "2d71-5ec06e75-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 11633
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 HELB-Loans-238x169.jpg
newspost.co.ke/wp-content/uploads/2020/05/ 16 KB
16 KB 183ms
183ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/HELB-Loans-238x169.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 22a56f458dfb08e68e4a5866fbcee98dc74abe5789a8b4b3623a1e5df393a2f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 08 May 2020 20:27:50 GMT
server: LiteSpeed
etag: "3edb-5eb5c0c6-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 16091
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 FB_IMG_15895616160718813-238x178.jpg
newspost.co.ke/wp-content/uploads/2020/05/ 15 KB
15 KB 167ms
167ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/05/FB_IMG_15895616160718813-238x178.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: eb68042e9b381d794c39ec4005154b3bda9322c2b0cbf0429ecc83b78d68f727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 15 May 2020 16:55:00 GMT
server: LiteSpeed
etag: "3c60-5ebec964-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 15456
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-43-300x160.jpeg
newspost.co.ke/wp-content/uploads/2020/10/ 7 KB
8 KB 151ms
151ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/10/images-43-300x160.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 90f3c005775fa0b9ded565cc599cf1a830ddfaa59681e1d49d42f077dee7efc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Fri, 02 Oct 2020 13:43:20 GMT
server: LiteSpeed
etag: "1dd9-5f772e78-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 7641
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-50-300x160.jpeg
newspost.co.ke/wp-content/uploads/2020/10/ 8 KB
8 KB 135ms
135ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/10/images-50-300x160.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: b8601ede4893cae48230202b7ff7aaa16169c0038d1b5bcc95cbb41b0cc83bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Sat, 17 Oct 2020 20:55:16 GMT
server: LiteSpeed
etag: "1fe8-5f8b5a34-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 8168
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-2021-05-18T172200.462-300x160.jpeg
newspost.co.ke/wp-content/uploads/2021/05/ 10 KB
10 KB 119ms
119ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/05/images-2021-05-18T172200.462-300x160.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: f6bed32d493044f7a65cc6ce295e77d02cb75fdedd2e6b935b78d1722a2dd024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 18 May 2021 14:22:41 GMT
server: LiteSpeed
etag: "28ea-60a3cdb1-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 10474
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-57-300x160.jpeg
newspost.co.ke/wp-content/uploads/2020/12/ 7 KB
7 KB 132ms
132ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2020/12/images-57-300x160.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 350208fce049058152031272d6a32e9feb9711bbfb291dfacd40a8b1e76d30bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Tue, 08 Dec 2020 12:37:19 GMT
server: LiteSpeed
etag: "1a68-5fcf737f-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 6760
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 images-75-300x160.jpeg
newspost.co.ke/wp-content/uploads/2021/02/ 12 KB
12 KB 117ms
116ms Image
image/jpeg 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/02/images-75-300x160.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 454d4cc4bafc066a55d4d71ed767138775e1e592dd34f1c03727f75c4a2c4967

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Wed, 24 Feb 2021 12:20:53 GMT
server: LiteSpeed
etag: "3184-603644a5-0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 12676
expires: Wed, 22 Feb 2023 17:25:43 GMT

GET
H2 200 kuccps-logo-241x156-1.png
newspost.co.ke/wp-content/uploads/2021/05/ 8 KB
8 KB 116ms
116ms Image
image/png 67.202.92.27
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newspost.co.ke/wp-content/uploads/2021/05/kuccps-logo-241x156-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.92.27 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: s27.wpx.net
Software: LiteSpeed /
Resource Hash: 2146be073e0687e2ba788d5375cf757769fa4fc1667adcc19eccb8775156600b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newspost.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Feb 2022 17:25:43 GMT
referrer-policy
last-modified: Wed, 19 May 2021 06:56:24 GMT
server: LiteSpeed
etag: "1e1a-60a4b698-0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
wpx: 1
content-length: 7706
expires: Wed, 22 Feb 2023 17:25:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:25:02	Name: _GRECAPTCHA Value: 09AGEo2mMiMW1WfZ5cn7pFt7adOzMSG_WvdKYZU5ZODSe4OFWjyDj3sf67N9JXVerOHbm_1TNU3lIRhC7EUsrtrQQ
.newspost.co.ke/	1970-01-20 18:37:02	Name: _ga Value: GA1.3.2030211238.1645550741
.newspost.co.ke/	1970-01-20 01:07:17	Name: _gid Value: GA1.3.50402701.1645550741
.newspost.co.ke/	1970-01-20 01:05:50	Name: _gat Value: 1
.newspost.co.ke/	1970-01-20 10:27:26	Name: __gads Value: ID=29f01753fe5dab02-220677f849cd00e7:T=1645550741:RT=1645550741:S=ALNI_MY56VzETj7jc2pA6Ff4quG5frj3uQ
.doubleclick.net/	1970-01-20 01:05:54	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 03:15:26	Name: d Value: EH0BCQHAJYEA
.quantserve.com/	1970-01-20 10:36:05	Name: mc Value: 62151c96-7fe95-a0a6b-f627d
.casalemedia.com/	1970-01-20 09:51:26	Name: CMID Value: YhUclvA5obBMJp.yPJOxWgAA
.casalemedia.com/	1970-01-20 03:15:26	Name: CMPS Value: 3219
.casalemedia.com/	1970-01-20 03:15:26	Name: CMPRO Value: 1187
.casalemedia.com/	1970-01-20 01:07:17	Name: CMST Value: YhUclmIVHJYA
.doubleclick.net/	1970-01-20 10:27:26	Name: IDE Value: AHWqTUkvpELdr9IL7ND2YNMfGJkKw6Me3tGgKQWqVMqQdMHSRtO0M78o_7ZB_MLf8VQ
.innovid.com/	1970-01-20 03:15:26	Name: uuid Value: fff03202-dddb-443b-aa99-44a37dff85e5-20220222 12:25:42
.agkn.com/	1970-01-20 09:51:26	Name: u Value: C\|0CEApp9kWKafZFgAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 09:51:26	Name: ab Value: 0001%3AJQZ4nEi0YPcCZV2F56yClhEuL02QdKzp
.pubmatic.com/	1970-01-20 01:07:17	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 03:15:26	Name: KADUSERCOOKIE Value: 49BCE7F8-997D-4DBA-829A-5F47E8746BFA
.e.dlx.addthis.com/	1970-01-20 10:36:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:36:05	Name: na_id Value: 2022022217254300099454578685
.addthis.com/	1970-01-20 10:36:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:36:05	Name: uid Value: 62151c977e8d755a
.addthis.com/	1970-01-20 10:36:05	Name: ouid Value: 62151c970001c43c68d99f0a7b23b31cae20bfdb32c2327151c2
.dlx.addthis.com/	1970-01-20 01:49:02	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 01:49:02	Name: na_sr Value: 20220222
.dlx.addthis.com/	1970-01-20 01:05:50	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 01:49:02	Name: na_sc_e Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPIAXIcjfllS61fstmXBuKH-6kAGgdRmntr7zervrfPfEoSQ8Bl-st87YrPm8xQ35sZVXxxb_yjNTspYeC9Ev4zA_E1L9Ihx&google_gid=CAESEJjz6RT41dgkemprJByqsB4 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhUclvA5obBMJp-yPJOxWgAABKMAAAIB&google_cver=1&google_push=AYg5qPKCFZlG80hCyVWhHJfjcWPmG0YAXXEqeta-dcn2wztPez69jcVlpr3k_kRkHadrVi941fHHXMnTmG75GGA3csgXpfgHyII&google_gid=CAESEOLCz_zHF6RqASQM-BWWryQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-6001302459237650&fa=1&ifi=7&uci=a!7&btvi=4&xpc=FWJgbj1WtW&p=https%3A//newspost.co.ke Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
newspost.co.ke
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.seadform.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.newspost.co.ke
cm.g.doubleclick.net
104.92.72.137
141.95.157.215
142.250.186.98
172.217.18.98
185.64.190.78
2606:4700::6812:e134
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c0c::9b
2a05:d01c:1d8:8100:cf80:c203:5e45:e44
3.122.111.84
34.246.234.200
34.98.67.61
35.227.252.103
37.157.2.237
67.202.92.27
69.173.144.165
0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
099095eb3a67dea412d16d2adc2111bc0ad34daf439073523b2dc97af981bbad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e3b9bc26b71812265e911b6cc2332a2feeddf3a0a889e7a5fbc59800af97d91
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18991fa77f6e626dd508ce151e19777f7786b3e69ddd83d1855c3d7bcc641095
19d68d8c9b0afec111ca934d319c454fe9d57234d8915b2d837e36d54410ddf7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fd5cb1b323aeb7302c510487a04f6645d64b2579bc9cc24f8ac2c690f0de7ab
2146be073e0687e2ba788d5375cf757769fa4fc1667adcc19eccb8775156600b
22560e09d1591373849933d48a370da5ea3f0a5d40c4f592ae860f6907560125
22a56f458dfb08e68e4a5866fbcee98dc74abe5789a8b4b3623a1e5df393a2f9
26e63cd40574ee0ce00b2c91989f15bd9f0aa92542c93f31426fd3723b14e621
271643fd8b8bacb92f69371501658a8f7a40495884ac6ebaf7e4d8dfcb2302f9
287728831c6885f9ca09542edb76705270f8a9ce70ff9765d8ca95ebb358afda
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2e88d996971d9ccd596a4fe2f3e75735bd799c523f31405b1a5f9235c019d2b5
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
350208fce049058152031272d6a32e9feb9711bbfb291dfacd40a8b1e76d30bf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eccc811869d20e4620adbf26a3dd4ec6f36c50f1d05afda0e9927cd429e209f
411fbe72793c78944afbf4c42d0d2f9f760abd1d03e987567d4d10263fcd4030
41d557e5430453c9223fde9cc2e2ab3030a37628310635ac468b2bc558933781
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
454d4cc4bafc066a55d4d71ed767138775e1e592dd34f1c03727f75c4a2c4967
4591d944141dd05f65eac6c5b7a46145c8f425a10b8209bb2cfaed67048e3639
4c2b8b86a366ac654e7d8956b8647b1dcc0e85231cb9f8c72cd87d0748efca29
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595c8e1b1a02e786dc2842bf830ea10563de9c49058163de036b0c1c978ded66
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4a9784b8fedd0e530920514d2d2454075e5c7b677c78555b514584d359fc75
5dbf870d1be461b1d728f6c4ac3902fa4c15de801dfb045580c9402a8a5ad18e
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
6022e14eddb6b4746f32f9089d400bc06609ea43b99984741f48982621c5a339
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
762129dae4db7fa09fbe559d66481dac053e829b21a687572e867af1080ccebe
76a89d7bd5f261ab866fee49966d23e5a8e11a2ca7fed95e8e7cfc74b4cf68ca
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c8bd571f869f872d78bc80280fd06d6027f91b0af19a5c0c227842bd2e9f992
7fb73435ce2add0864729acc8b0a64d1b7287fc187c97c5e22ec51aef10073df
7fd004317d475eb0a81e7ee90a64fed54636708c9d07f25cc7777a6e4dc76347
819f832141513cf2b5184800b9618c2ff6e93dda621439d711f0bff9e12bddbe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
885bbd281b2fe119ed1ce51cb41bd90d7578807b09e9c4aa52bcc87c696bf516
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8cb1397b0a4fee18cdad17c484b3597b9c5d4ff20c548d519020526d7aa8f154
909eb37b99359fa21aea9ecb87fa582cab9e93e2f9056d99914bac1696691ffd
90f3c005775fa0b9ded565cc599cf1a830ddfaa59681e1d49d42f077dee7efc0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eefc2bd8310646e1b64ef66326ca6d7ee2211805aa77829038f1aefcfdb24f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c140364f2adea4f12b4e080b2d4cfca9f54d7fad7eec07e3a5d1f9eb23e82b
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55cf8768eb759aff04f29bc381c602edbc516a5383c76ac477d54c9dab3fae4
a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1
a8715f4ef9ff4d7f6081b90c36f22bc412350fb9fd96f5634f324d43168b8c3b
a9240d316abe68ac184fe67433923c77e135a0dd33015d4af42569b392af90a4
a9c7c54b39ca4e612fd23a10a04f0bf62499bbbb23d6b1be695eaf9ace0202e6
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae27fc77d0eb156e97da4b6619ae3c06c936c08daa49d0d12c52d1db46791457
ae89c0f19e327e33f2f2f59be89c2f9ce7e267136546b46d793c21d09a89a2ce
aff0445d20bca116ef1249e3a746dcb92bcd1fd97514ed3c196e21d8e416520f
b24763119a9aa6bc836fada5889c6f2ebde0a4a99621d417073bb7ff0d95bca7
b5ef6933a44f2fc3b94aa69d10ad1d56bfe103bd8ff3245b9798d2e7ed60a7f4
b730f7bce37ce68f83135bbffd6ded00a2b74e341b2c0993eb2252cb4e9af45e
b773ba99216901143f6a603638504f4fbf915e42e5c766f2ebc4f95a0433b8fe
b8601ede4893cae48230202b7ff7aaa16169c0038d1b5bcc95cbb41b0cc83bad
b8896a5dec9e8f014bbfe43d92e33004184a9aa766952a1064710079564547cf
ba45765ef59b94f9eee30231820b2e7c66ea52c729608117093b403eced8c867
bb5b93bb4a7fbf43eeb757a07f671c7f8562a4fb650c0768d1803b99b9ae7473
bcf2984124f54ff3dfc34a106359da45c07a175a8b4e155f0a7bb19d19dfe50f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c00e5ee42ad3244ca8d252435e882bad6bd8b118273b4595ca86c650d9e3f715
c1432245187bf6dfa18959a616158d379c22c22a7927fc29d4022ceb42fe7088
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c4a0e482cd6957c079d57c0d79dc603ba4b7f4ef91dd6e8789cd3387686d6b35
c8a5b24f3de8a39b349eb498623aaae434b5e225bbb7629ab2fb3aa4d15f6374
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cb84362f190a0f4a3dc9af0150e8524c07e0402ea1d617075e5f5c10e4abd6ba
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccdd4c1596ddd9d261c6fcf11461b964342ceb2c7a5a93d46d9311f0008c8d7d
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
cf36350d05e000c58d4097845908f26a73046e183a3c5b0b2d313a4de105aa7d
d28c9853b8e794c0dd505a9a0f2db038aa47ab1954a4879799ab4c82fdd13ebe
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d94128798dde000566886e897e49d2e4050349012a152d9fad09554339e612ea
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3f0130a0dd4745fb15ec8a2affafe67d087ae5b6da549d5bc51e637dea48cb
deccb03d2157bac79af55ff1d5b7ceee3a42fd730c20b2d55e3025418837bba4
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41b0f766a88f999a08ce4bf45328c6fa2a1ca0971acba3e64f4e73235811459
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e56bd2c21fb05a64b70e2320a5bdcadcd01bfb8afc77665621e4b9855cff4596
e603b509658fdf55f0b46c6af2e7c189447f5046357e7d359b1fe6803574f7f2
e68e3de6a40afeeb8b8063b71e44f98c638a48b02701d2dca5b0a073d7106ab5
eb68042e9b381d794c39ec4005154b3bda9322c2b0cbf0429ecc83b78d68f727
ee5d8f682805ed45d8c9ff24941a1ad286763bf61e23fde210d41e5016607106
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46ab1a8632cc8e50f3352ff20cb00fcec8b39a31c9ca2ab7d069e91d81cd6dd
f53d2a0574dc252b3322f51ea98f84859441bec1a473d540d9ea2ae577a4f9f6
f6bed32d493044f7a65cc6ce295e77d02cb75fdedd2e6b935b78d1722a2dd024
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f700c30042e9fc158368a63f1874c0b6b7455fb9e4b53e14235b13226dff7936
fe54364997f4ba47ab4730dc9c97a1873185f708f9ce5b02bcaa72fc0805cfea

newspost.co.ke Open in urlscan Pro 67.202.92.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

93 %HTTPS

59 %IPv6

22 Domains

30 Subdomains

24 IPs

7 Countries

2394 kBTransfer

5966 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newspost.co.ke Open in urlscan Pro
67.202.92.27 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

93 %
HTTPS

59 %
IPv6

22
Domains

30
Subdomains

24
IPs

7
Countries

2394 kB
Transfer

5966 kB
Size

27
Cookies

207 HTTP transactions
7 data transactions