www.theeastafrican.co.ke Open in urlscan Pro
2606:4700::6812:17f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theeastafrican.co.ke/
Effective URL:
https://www.theeastafrican.co.ke/
Submission: On January 05 via manual (January 5th 2023, 4:38:08 pm UTC) from KY — Scanned from DE

Summary HTTP 111 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 18 domains to perform 111 HTTP transactions. The main IP is 2606:4700::6812:17f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theeastafrican.co.ke. The Cisco Umbrella rank of the primary domain is 452427.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.

This is the only time www.theeastafrican.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700::68... 2606:4700::6812:17f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:802::2016	15169 (GOOGLE) (GOOGLE)
1	34.251.7.23 34.251.7.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:5c00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE)
1	64.233.166.157 64.233.166.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	104.248.39.31 104.248.39.31	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	184.30.20.47 184.30.20.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.96.137.173 104.96.137.173	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.8.79.40 3.8.79.40	16509 (AMAZON-02) (AMAZON-02)
3	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
4	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
1	63.34.82.91 63.34.82.91	16509 (AMAZON-02) (AMAZON-02)
1	54.246.69.241 54.246.69.241	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
111	33

18 2606:4700::6812:17f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.theeastafrican.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.7.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-7-23.eu-west-1.compute.amazonaws.com

tentacles.smartocto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5c00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.39.31 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-47.deploy.static.akamaitechnologies.com

secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.137.173 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-137-173.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.8.79.40 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-79-40.eu-west-2.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tpsc-video-eu.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.82.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-82-91.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.69.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-69-241.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 187 ade.googlesyndication.com — Cisco Umbrella Rank: 334	272 KB
21	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 bid.g.doubleclick.net — Cisco Umbrella Rank: 956 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395	235 KB
18	theeastafrican.co.ke 1 redirects www.theeastafrican.co.ke — Cisco Umbrella Rank: 452427	418 KB
8	flashtalking.com 1 redirects secure.flashtalking.com — Cisco Umbrella Rank: 3128 cdn.flashtalking.com — Cisco Umbrella Rank: 1699 servedby.flashtalking.com — Cisco Umbrella Rank: 1216 ad-events.flashtalking.com — Cisco Umbrella Rank: 3377 d9.flashtalking.com — Cisco Umbrella Rank: 2313	2 MB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	76 KB
5	doubleverify.com vast.doubleverify.com — Cisco Umbrella Rank: 2523 tpsc-video-eu.doubleverify.com — Cisco Umbrella Rank: 13965 vtrk.doubleverify.com — Cisco Umbrella Rank: 2109	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 330	109 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127 imasdk.googleapis.com — Cisco Umbrella Rank: 477	137 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 region1.analytics.google.com — Cisco Umbrella Rank: 4057 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	122 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	40 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5450 www.google.de — Cisco Umbrella Rank: 3658	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	113 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	82 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	2 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2100	10 KB
1	smartocto.com tentacles.smartocto.com — Cisco Umbrella Rank: 23734	9 KB
0	nation.africa Failed ads.nation.africa Failed
111	18

	Domain	Requested by
18	www.theeastafrican.co.ke	1 redirects www.theeastafrican.co.ke
13	securepubads.g.doubleclick.net	www.theeastafrican.co.ke www.googletagservices.com securepubads.g.doubleclick.net 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com www.theeastafrican.co.ke cdn.ampproject.org imasdk.googleapis.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	www.theeastafrican.co.ke 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	ade.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
3	tpsc-video-eu.doubleverify.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	www.theeastafrican.co.ke securepubads.g.doubleclick.net
3	i.ytimg.com	www.theeastafrican.co.ke
2	ad-events.flashtalking.com
2	servedby.flashtalking.com	1 redirects
2	cdn.flashtalking.com
2	imasdk.googleapis.com	67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
2	fonts.googleapis.com	67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.theeastafrican.co.ke www.googletagmanager.com
2	cdnjs.cloudflare.com	www.theeastafrican.co.ke cdnjs.cloudflare.com
1	googleads4.g.doubleclick.net
1	vtrk.doubleverify.com
1	d9.flashtalking.com
1	secure.flashtalking.com
1	vast.doubleverify.com	imasdk.googleapis.com
1	www.google.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.youtube.com	www.theeastafrican.co.ke
1	static.chartbeat.com	www.theeastafrican.co.ke
1	tentacles.smartocto.com	www.theeastafrican.co.ke
0	ads.nation.africa Failed	www.theeastafrican.co.ke
111	36

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
nation.africa
epaper.nation.africa
www.businessdailyafrica.com
www.ntvkenya.co.ke
www.ntv.co.ug
www.monitor.co.ug
www.thecitizen.co.tz
www.nationmedia.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.smartocto.com R3	`2022-12-31` - `2023-03-31`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-06-13` - `2023-07-15`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-20` - `2023-05-20`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
ad-events.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-08-31`	a year	crt.sh
*.doubleverify.com Starfield Secure Certificate Authority - G2	`2022-11-08` - `2023-09-25`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2022-07-25` - `2023-08-26`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2024-01-06`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.theeastafrican.co.ke/
Frame ID: 1DA442102E3860184D43A11F17A191C4
Requests: 42 HTTP requests in this frame

Frame: https://www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672934400
Frame ID: EE6B2BD21CF576E36A38588F3439A13A
Requests: 3 HTTP requests in this frame

Frame: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA4852FE16813A5535F627F283173FE2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudj-q5E57ooKUibafOrzVBwkYYLSjraq7sewwefpW-4F7PEk3WbIrnp_cyfJ6Cezlub0bP_BZfr4G-7RQDNrY0ejlcKmZca_tBs16dJy6PVti6EuaWOO4IZQDxNHlLJhhrVOk07eXGIDVdGa0lylU_jHeDqa_U5S-IyHQTfi6WdwS6n-Ty_buDvt-dHiRurVxpbPYXXazPFiIs9C0H4VHk8MRts_PNEHNvwLDz3yPOyRFyzvW7eAD6IZ5Zxr2d0pnOh3rH9sl6h9pbxs55WKW15hUq8x5TuCRX_FuFH_ypHAJotqdw6j5I0z7g3whnUzdfI_BwNLbwOeMpMy7a1mZA1eKdTw&sai=AMfl-YS3YMhAeRLyAHn8e9RSXQ7veyNlXRpm2yvbh0csOOqX7ZsoCUukcJV5w0iSaCNWjlRdHXoWt4ZUOF8_EgZD49GCZKkmUt_T7uVGnGYArD2InPmvi4cjM8SCx7GT8ku7im_OBs-j9KTpaod6jtKojZg&sig=Cg0ArKJSzAB9GElZebQUEAE&uach_m=[UACH]&adurl=
Frame ID: E239DA276980646AA67E82DDDAC1DFC1
Requests: 6 HTTP requests in this frame

Frame: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F7CDC774C34399CE9F60D9CD9A70035
Requests: 41 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLT77x-T3jQNCAnpKeb0s_9VItgtw7X-uHx_EzTSXw9mNPzw51CYr3QVL9o5t7e93RTwP2hlLd1dKVHvtBJVNByJCOqKRMqjonjnysGZeIc3awbna_be7RNSzi2g424VKaGUPyfsew8G_UqjBJ86fxkejZbn-HzFB0JRPqviu00dhS2mxU7mPB6aGwkt7awlV_Yi6_nhdsF9Cl_rI3zAtyRZgmTQmEEdWC7ShpIst2EgCKMOVJdiJ2m8VAW6ZtDJT6r3JGZ30IGap1ZO75fvl1GGZBoLwabpZTLojaIeeBS3Yn2AZx6UKhviTA7Gft2VEmnUz1nYYsGEvwO0GTM2Yi&sai=AMfl-YRYDOgvsEWpR1E-lOFSj9-5ftaH6zSuC0GrmVAApfbaYdrwVCMRXAUkcP43bWxghRNMXHv_Eyn5pTOMzvSAoDBb8aQM1ooO3NRrYBfPgK3ZVOgj1UDPrjGe91YTpraHkny1LzeZdPoZ5TD_MzLIvnU&sig=Cg0ArKJSzCxHwp0OD6HxEAE&uach_m=[UACH]&adurl=
Frame ID: 5CC86C4481D6883D69225EDB47ED7688
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: C990FF2EA6D51ACC17C8FFE9500AAEC3
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7F88E14F7661E8D5C5C9D47529E7E906
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The EastAfrican

Page URL History Show full URLs

http://www.theeastafrican.co.ke/ HTTP 301
https://www.theeastafrican.co.ke/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

111
Requests

97 %
HTTPS

67 %
IPv6

18
Domains

36
Subdomains

33
IPs

7
Countries

3297 kB
Transfer

5733 kB
Size

9
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/developer?id=Nation%20Media%20Group&hl=en&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/developer/nation-media-group-ltd/id771736086

Search URL Search Domain Scan URL

URL: https://nation.africa/kenya/contact-us-294088
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://nation.africa/kenya/frequently-asked-questions-303716
Title: Frequently asked questions

Search URL Search Domain Scan URL

URL: https://nation.africa/kenya/nmg-privacy-policy-303724
Title: NMG Privacy Policy

Search URL Search Domain Scan URL

URL: https://nation.africa/kenya/terms-of-use-303726
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://nation.africa/kenya/terms-and-conditions
Title: Terms and Conditions of Use

Search URL Search Domain Scan URL

URL: https://nation.africa/kenya/our-blog-rules-549010
Title: Our Blog Rules

Search URL Search Domain Scan URL

URL: https://epaper.nation.africa/
Title: Nation ePaper

Search URL Search Domain Scan URL

URL: http://www.businessdailyafrica.com/
Title: Business Daily

Search URL Search Domain Scan URL

URL: https://www.ntvkenya.co.ke/
Title: NTV

Search URL Search Domain Scan URL

URL: http://www.ntv.co.ug/
Title: NTV Uganda

Search URL Search Domain Scan URL

URL: http://www.monitor.co.ug/
Title: Daily Monitor

Search URL Search Domain Scan URL

URL: http://www.thecitizen.co.tz/
Title: The Citizen

Search URL Search Domain Scan URL

URL: http://www.nationmedia.com/
Title: Nation Media Group

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheEastAfrican

Search URL Search Domain Scan URL

URL: https://www.instagram.com/The_EastAfrican

Search URL Search Domain Scan URL

URL: https://twitter.com/The_EastAfrican

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCjIeyvMe_cmyRrVyNvsyszQ

Search URL Search Domain Scan URL

URL: https://t.me/theeastafrican

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theeastafrican.co.ke/ HTTP 301
https://www.theeastafrican.co.ke/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://servedby.flashtalking.com/imp/1/197104;6943192;201;gifimpid;DV360;DemandCreationPremiereProQ1PremiereProFY23Q1DEDisplayDV360AppetiteLifeTargeted15sVideoVASTCrossPlatformAffinity1920x1080/?ft_impID=FFE9C829-5118-3C1D-CD3A-44B4FF58CF7E&ft_custom=&ft_c1=&ft_c2=&ft_c3=&ft_id=&ft_partnerimpid=&ft_partnerid=&ft_section=&gdpr=FT_GDPR&gdpr_consent=&gdpr_pd=FT_GDPR_PD&us_privacy=!!US_PRIVACY!&ft_creative=4128510&ft_configuration=0&cachebuster=1871448800 HTTP 302
https://cdn.flashtalking.com/xre/694/6943192/4128510/image/4128510.gif

111 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theeastafrican.co.ke/
Redirect Chain

http://www.theeastafrican.co.ke/
https://www.theeastafrican.co.ke/

99 KB
18 KB

102ms
70ms

Document
text/html

2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

257dcea81be93c21b20fdda1912f536c80aae5a5c12de4c4b77be2f0356e5320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 784da4476ee36987-FRA
content-encoding: br
content-language: en
content-type: text/html;charset=UTF-8
date: Thu, 05 Jan 2023 16:37:59 GMT
expires: Thu, 05 Jan 2023 16:42:59 GMT
last-modified: Thu, 05 Jan 2023 16:37:36 GMT
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-cache: HIT from www.theeastafrican.co.ke
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 784da4470d4b2c21-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:37:59 GMT
Expires: Thu, 05 Jan 2023 17:37:59 GMT
Location: https://www.theeastafrican.co.ke/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 T0y3J73fk_VKhzvXxiTdNq90xcU.js Show response
www.theeastafrican.co.ke/cdn-cgi/apps/head/ 5 KB
2 KB 401ms
400ms Script
application/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theeastafrican.co.ke/cdn-cgi/apps/head/T0y3J73fk_VKhzvXxiTdNq90xcU.js
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacc001e99177a0e66e66d47a32d3bfdc95e93c4bb5636767846db3411becbc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
x-amz-version-id: GnSWkjIt6PkWC1L612gBLPlZ8AXAnPgP
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Sep 2022 13:59:36 GMT
server: cloudflare
x-amz-request-id: A4NN8DADAB9PVF87
etag: W/"d8913b8b92d7c0785eb2d7a11ff15eff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 784da447ffb86987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mjpnFgGIEpNKzUeCrdiCMaoXbfCDtZXRW/a7v/nfqeLW/zjAYZKTKv9zl17043FQDyGBDxd92FE=
expires: Fri, 05 Jan 2024 16:38:00 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 38ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3020227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BzHp1QSMfCtocclJenECrE9JtwktwB1Ei3diSCV53jtfRvp6hG8QTaC%2BrJ6RBQs9GSWOIVjODakGzP5VpCXNu2DEVhlXUZGM5hpuWWAgoAgvUeNWTb%2BOfQpJkUeOajF2meqas3L3cJCvnVKfd2ZdxWB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 784da448189d6927-FRA
expires: Tue, 26 Dec 2023 16:37:59 GMT

GET
H2 200 east-african-654262-154.css
www.theeastafrican.co.ke/resource/themes/east-african/css/ 313 KB
74 KB 39ms
38ms Stylesheet
text/css 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e67e9865877a90940d55dcda569fddf3704c7a4bd298090c1179e9b99ec54362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 16:37:59 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6427
cf-polished: origSize=321058
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 09:44:30 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-frame-options: DENY
content-language: en-US
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31514615
cf-ray: 784da447ffb96987-FRA
expires: Fri, 05 Jan 2024 10:41:34 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/JzOPKXVOX7A/ 12 KB
12 KB 137ms
61ms Image
image/jpeg 2a00:1450:400d:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/JzOPKXVOX7A/mqdefault.jpg

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c327e67f9ee4e49c541d870e5af3884e6b3e289b6f14c41d384583d65fb6ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:37:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 18:37:59 GMT

GET
H3 200 mqdefault.jpg
i.ytimg.com/vi/GHe5M1reXuA/ 14 KB
14 KB 99ms
56ms Image
image/jpeg 2a00:1450:400d:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/GHe5M1reXuA/mqdefault.jpg

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f97bd788c8f198be6ea386c11b1f1901299ccd8adcc5b2c3ec36d7ca4edfaba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:37:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14216
x-xss-protection: 0
server: sffe
etag: "1672728398"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:42:59 GMT

GET
H3 200 mqdefault.jpg
i.ytimg.com/vi/3EIzoZ4T_eY/ 14 KB
14 KB 56ms
55ms Image
image/jpeg 2a00:1450:400d:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3EIzoZ4T_eY/mqdefault.jpg

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d26823cfbfaa0de10cfa044de24a254f5a406360f3536f54916635e7fe16ad2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:37:59 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14570
x-xss-protection: 0
server: sffe
etag: "1672307869"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 18:37:59 GMT

GET
H3 200 amp-logo-png-data.png
www.theeastafrican.co.ke/resource/crblob/1830002/4d4ba1f86b20e22d593b250208bb3581/ 4 KB
5 KB 47ms
47ms Image
image/png 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theeastafrican.co.ke/resource/crblob/1830002/4d4ba1f86b20e22d593b250208bb3581/amp-logo-png-data.png

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcde74c9faf976821634ebac16fec36aba7c465ba2cc7a0b27a976251b5d4e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 133480
cf-polished: status=not_needed
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4514
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 21 Dec 2022 20:18:09 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-language: en-GB
content-type: image/png;charset=UTF-8
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 784da44a2c682c63-FRA
expires: Mon, 10 Jul 2023 16:38:00 GMT

GET
H3 200 google-play-badge-png-data.png
www.theeastafrican.co.ke/resource/crblob/654084/50e4f00026394f5a265aaf340a5d0a57/ 3 KB
4 KB 31ms
31ms Image
image/png 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theeastafrican.co.ke/resource/crblob/654084/50e4f00026394f5a265aaf340a5d0a57/google-play-badge-png-data.png

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe10a5846071076e719ca4e4bab90cbf4c8d54ef730191fcea1ed84235528c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 119782
cf-polished: status=not_needed
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3513
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 03 Jan 2023 09:47:32 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-language: en-GB
content-type: image/png;charset=UTF-8
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 784da44a7cf12c63-FRA
expires: Mon, 10 Jul 2023 16:38:00 GMT

GET
H3 200 appstoreicon-svg-data.svg
www.theeastafrican.co.ke/resource/crblob/654060/de9cff10d1c98ad9ce9274954e2fbc20/ 12 KB
5 KB 40ms
40ms Image
image/svg+xml 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theeastafrican.co.ke/resource/crblob/654060/de9cff10d1c98ad9ce9274954e2fbc20/appstoreicon-svg-data.svg

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 10 Jul 2023 16:38:00 GMT
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 133480
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Jan 2023 09:39:57 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml;charset=UTF-8
content-language: en-US
cache-control: public, max-age=16070400
cf-ray: 784da44a7cf72c63-FRA
x-cache-hits: 0

GET
H3 200 rocket-loader.min.js Show response
www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
server: cloudflare
etag: W/"63a1e484-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 784da44a8d112c63-FRA
expires: Sat, 07 Jan 2023 16:38:00 GMT

GET
H3 200 tFZ5v9Ujj_WnKvruok0Uz9_rJSI.js Show response
www.theeastafrican.co.ke/cdn-cgi/apps/body/ 6 KB
2 KB 351ms
350ms Script
application/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theeastafrican.co.ke/cdn-cgi/apps/body/tFZ5v9Ujj_WnKvruok0Uz9_rJSI.js
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/apps/head/T0y3J73fk_VKhzvXxiTdNq90xcU.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f49eef19a0882f558dc2f7a7838b8aef5c54b6340fe8f3d8d79ef88d402eafe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
x-amz-version-id: 7APqCrNPM3bkiWl0Y0CCzPClpSXC4et.
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Sep 2022 13:59:36 GMT
server: cloudflare
x-amz-request-id: KWT214GSFHZ654S6
etag: W/"46b2a91bb71287767bbb44f69a00fadd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 784da44a8d182c63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xGTTNRroxnX/tEyLmmf69wb+7pg6XWlMN+8pjfGCFlNzH1ctGmtH6/sBv5hsB0SgiHOyOM6IlVY=
expires: Fri, 05 Jan 2024 16:38:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sprite2-png-data.png
www.theeastafrican.co.ke/resource/crblob/654112/e350b2e6d5bc7f9b8e4b0d27d20875c6/ 30 KB
30 KB 34ms
30ms Image
image/png 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theeastafrican.co.ke/resource/crblob/654112/e350b2e6d5bc7f9b8e4b0d27d20875c6/sprite2-png-data.png

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

028206ae611395011e2b8673044076c55c02e189eaaf1ad56a55100ab0705124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 120206
cf-polished: status=not_needed
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30565
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 03 Jan 2023 09:30:43 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-language: en-GB
content-type: image/png;charset=UTF-8
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 784da44abd8a2c63-FRA
expires: Mon, 10 Jul 2023 16:38:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a42d88238232f3795af8d556fc0ac934ea981881785ea139edee78b81522672

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 colfaxwebregular-woff-data.woff
www.theeastafrican.co.ke/resource/crblob/654236/484a9b97cb7eb812e957dc31acea5702/ 53 KB
52 KB 40ms
21ms Font
application/font-woff 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/resource/crblob/654236/484a9b97cb7eb812e957dc31acea5702/colfaxwebregular-woff-data.woff

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28cd9eb80c20577e67262142fb192ec89bca2c8f5dfd4f2f95754544e0376a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css
Origin: https://www.theeastafrican.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 10 Jul 2023 16:38:00 GMT
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 134063
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Jan 2023 10:15:01 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-type: application/font-woff;charset=UTF-8
content-language: en-GB
cache-control: public, max-age=16070400
cf-ray: 784da44addb92c63-FRA
x-cache-hits: 0

GET
H3 200 colfaxwebbold-woff-data.woff
www.theeastafrican.co.ke/resource/crblob/654228/c1a9a9454fb97ce419696293ce138855/ 48 KB
47 KB 55ms
36ms Font
application/font-woff 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/resource/crblob/654228/c1a9a9454fb97ce419696293ce138855/colfaxwebbold-woff-data.woff

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7884f99963702ff9f2be59ed906bd5ea29258cf58e7fd9bfa35099d1fb7f1a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css
Origin: https://www.theeastafrican.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 10 Jul 2023 16:38:00 GMT
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 134063
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Jan 2023 10:17:48 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-type: application/font-woff;charset=UTF-8
content-language: en-US
cache-control: public, max-age=16070400
cf-ray: 784da44addbf2c63-FRA
x-cache-hits: 0

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 334ms
14ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.theeastafrican.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3176024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAlkgHFXeCQQQ%2F5vGyhGj%2Fnkt360l%2FN3QJly0zIjNcbfy1cHWPUjHI8Z8HNcmdYYnWAo%2BZa3hp8oRV1FcYPOmmvNOKGq%2BbXwYQd7JA0rfCMp0KnUk5a0CB3BsB8seuHyzuP46bYw%2Fj4VZ6Ii3RRqgI2Y"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 784da44ccd719b8e-FRA
expires: Tue, 26 Dec 2023 16:38:00 GMT

GET
H3 200 icon-woff-data.woff
www.theeastafrican.co.ke/resource/crblob/654242/f8e6ba750b1cfc7ae0483d6c9cf5a8b4/ 11 KB
12 KB 56ms
37ms Font
application/font-woff 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/resource/crblob/654242/f8e6ba750b1cfc7ae0483d6c9cf5a8b4/icon-woff-data.woff

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc3dbb803a0b2711cb586f111c2bf102749d997f8213b154f55dde07f51ec40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theeastafrican.co.ke/resource/themes/east-african/css/east-african-654262-154.css
Origin: https://www.theeastafrican.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 10 Jul 2023 16:38:00 GMT
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 134063
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Jan 2023 14:49:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-type: application/font-woff;charset=UTF-8
content-language: en-US
cache-control: public, max-age=16070400
cf-ray: 784da44addc02c63-FRA
x-cache-hits: 0

GET
H3 200 east-african-654258-7.js Show response
www.theeastafrican.co.ke/resource/themes/east-african/js/ 393 KB
104 KB 34ms
34ms Script
text/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/resource/themes/east-african/js/east-african-654258-7.js

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e78321fdea2ab180ecde5d5b051a8fad036fecf66a5095844995eb5de0fe1f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 47351
cf-polished: origSize=402407
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 04 Mar 2021 07:43:32 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-frame-options: DENY
content-language: pt-PT
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=2678400
cf-ray: 784da44baefe2c63-FRA
expires: Sun, 05 Feb 2023 16:38:00 GMT

GET
H3 200 commons-654256-2.js Show response
www.theeastafrican.co.ke/resource/themes/east-african/js/ 102 KB
36 KB 29ms
24ms Script
text/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theeastafrican.co.ke/resource/themes/east-african/js/commons-654256-2.js

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8daf75cb5152da84244b9fc502adb0e8462bbfd948622e037c2fba21ba7909b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 47351
cf-polished: origSize=104384
x-cache: MISS from www.theeastafrican.co.ke
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 17 Sep 2020 11:25:44 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-frame-options: DENY
content-language: en-US
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=2678400
cf-ray: 784da44baf0d2c63-FRA
expires: Sun, 05 Feb 2023 16:38:00 GMT

GET
H2 200 tentacle.js Show response
tentacles.smartocto.com/ten/ 30 KB
9 KB 492ms
35ms Script
application/javascript 34.251.7.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tentacles.smartocto.com/ten/tentacle.js
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.7.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-7-23.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e24973161abee07293054c6b58a49f353f8c191cb78455c190768edac71abcec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: gzip
last-modified: Thu, 29 Dec 2022 08:18:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60, public
expires: Thu, 05 Jan 2023 16:39:00 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 467ms
6ms Script
application/x-javascript 2600:9000:2057:5c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:43:34 GMT
content-encoding: gzip
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 57266
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QsgeG7digA5plCz3iLAq2zuHaU0MwKx4tUxjeDhnKO6tIlrVrIwtkg==
expires: Fri, 06 Jan 2023 00:43:34 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 478ms
26ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 529ms
64ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34e95aba563e58aa7316b8942a898aae6cf23f417b96640a0d0ae8d7284b7572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49654
x-xss-protection: 0
server: cafe
etag: 15497445563952090194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET ad.js
ads.nation.africa/assets/ads/ 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 597ms
132ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8a1f7d8f0f7c50ef375b9974285a70a25faa75fa8302bb0086aac6f402011d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27583
x-xss-protection: 0
server: sffe
etag: "1442 / 983 of 1000 / last-modified: 1672920271"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 477ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8a1f7d8f0f7c50ef375b9974285a70a25faa75fa8302bb0086aac6f402011d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27583
x-xss-protection: 0
server: sffe
etag: "1442 / 563 of 1000 / last-modified: 1672920271"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET
H3 200 invisible.js Show response
www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame EE6B 31 KB
13 KB 29ms
26ms Script
application/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672934400
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93446e17657b68a2ca895048dcc95440bc8c2401e82f6ae4c37dfbea6d95d86a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 784da44baf112c63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5acd99a0dfbf4d9f44f2feaeedeaf19ade7afdc90389401c089e52c3fe6da44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 288ms
42ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBT24PQ

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a59e7c6648bcd38ca5a2a16c2b8f5d33ed35a9348468ac6ceb40282c3c649fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38577
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET
H3 200 pica.js
www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/scripts/ Frame EE6B 25 KB
10 KB 18ms
17ms Other
application/javascript 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5eea227fd7074e6d3ca5c2b994eb2ad526acf12d57a5d04fb9e40f1676cf853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 784da44e9c582c63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 17:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Dec 2023 17:22:17 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 422 B
803 B 192ms
71ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theeastafrican.co.ke

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0d0e44b8aebbadbf8e5fffd420493e553391db37348b818f646b23b9fb9b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167
x-xss-protection: 0
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 163ms
81ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZH5VRJ61ZP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBT24PQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83aca63ef9c7b9fcbb00274bfb27b7adb5291881e89bbe3e6883cf33c95c2422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 16:38:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 96ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theeastafrican.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 114ms
35ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theeastafrican.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 1166ms
1092ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=835391562208775&correlator=1355365570548095&eid=31071185%2C44761477%2C31068367%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1010816%2CEA-970x90-stripmast&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&adks=2899427188&didk=2681870541&sfv=1-0-40&cust_params=url%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672936681074&lmt=1672936656&dlt=1672936679659&idt=1247&adxs=315&adys=58&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theeastafrican.co.ke%2F&frm=20&vis=1&psz=1600x32&msz=1600x0&fws=4&ohw=1600&ga_vid=1819642386.1672936681&ga_sid=1672936681&ga_hid=1035854706&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af9f2a7066b003829dcf819de19d7d524e33734d8b1a332ca546e3a0b1394920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13244
x-xss-protection: 0
google-lineitem-id: 6181474778
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138416644053
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theeastafrican.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
13 KB 1494ms
1421ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=835391562208775&correlator=1355365570548095&eid=31071185%2C44761477%2C31068367%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1010816%2CEA_Home_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=1526944576&didk=4099186594&sfv=1-0-40&cust_params=url%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672936681101&lmt=1672936656&dlt=1672936679659&idt=1247&adxs=1024&adys=106&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theeastafrican.co.ke%2F&frm=20&vis=1&psz=336x32&msz=336x0&fws=4&ohw=1600&ga_vid=1819642386.1672936681&ga_sid=1672936681&ga_hid=1035854706&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44c4c834b5783853533dd21b06efc77b0f35b4f5b05715b2bf22169939ca1569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13087
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theeastafrican.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 73 KB
23 KB 947ms
877ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=835391562208775&correlator=1355365570548095&eid=31071185%2C44761477%2C31068367%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1010816%2CEA-300x250-Hme1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=189678513&didk=3778397061&sfv=1-0-40&cust_params=url%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672936681105&lmt=1672936656&dlt=1672936679659&idt=1247&adxs=1024&adys=662&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theeastafrican.co.ke%2F&frm=20&vis=1&psz=336x32&msz=336x0&fws=4&ohw=1600&ga_vid=1819642386.1672936681&ga_sid=1672936681&ga_hid=1035854706&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d13b4b644e5f8e892f68485e43c2db006df351101f9aa3b14a92d8b5992c952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23088
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theeastafrican.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 547ms
478ms XHR
text/plain 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=835391562208775&correlator=1355365570548095&eid=31071185%2C44761477%2C31068367%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1010816%2CEA-300x250-news-hme&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=1461412240&didk=1303152300&sfv=1-0-40&cust_params=url%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672936681107&lmt=1672936656&dlt=1672936679659&idt=1247&adxs=233&adys=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theeastafrican.co.ke%2F&frm=20&vis=1&psz=333x5&msz=333x0&fws=4&ohw=1600&ga_vid=1819642386.1672936681&ga_sid=1672936681&ga_hid=1035854706&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

605c6fc9075b707fd1745203a795030abed84a2645097216c440bfbcb9d22390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13204
x-xss-protection: 0
google-lineitem-id: 6181474778
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138417589831
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theeastafrican.co.ke
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA48 6 KB
3 KB 192ms
54ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theeastafrican.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 16:38:01 GMT
expires: Fri, 05 Jan 2024 16:38:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 784da4476ee36987 Show response
www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/cv/result/ Frame EE6B 2 B
391 B 52ms
52ms XHR
text/plain 2606:4700::6812:17f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/cv/result/784da4476ee36987
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672934400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:17f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
content-encoding: br
server: cloudflare
cf-ray: 784da452fc0d2c63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
353 B 65ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZH5VRJ61ZP&gtm=2oebu0&_p=1035854706&_gaz=1&cid=1819642386.1672936681&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672936681&sct=1&seg=0&dl=https%3A%2F%2Fwww.theeastafrican.co.ke%2F&dt=The%20EastAfrican&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH5VRJ61ZP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theeastafrican.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
344 B 48ms
17ms Ping
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH5VRJ61ZP&cid=1819642386.1672936681&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH5VRJ61ZP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theeastafrican.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 60ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZH5VRJ61ZP&cid=1819642386.1672936681&gtm=2oebu0&aip=1&z=1077374872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E239 0
0 56ms
55ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudj-q5E57ooKUibafOrzVBwkYYLSjraq7sewwefpW-4F7PEk3WbIrnp_cyfJ6Cezlub0bP_BZfr4G-7RQDNrY0ejlcKmZca_tBs16dJy6PVti6EuaWOO4IZQDxNHlLJhhrVOk07eXGIDVdGa0lylU_jHeDqa_U5S-IyHQTfi6WdwS6n-Ty_buDvt-dHiRurVxpbPYXXazPFiIs9C0H4VHk8MRts_PNEHNvwLDz3yPOyRFyzvW7eAD6IZ5Zxr2d0pnOh3rH9sl6h9pbxs55WKW15hUq8x5TuCRX_FuFH_ypHAJotqdw6j5I0z7g3whnUzdfI_BwNLbwOeMpMy7a1mZA1eKdTw&sai=AMfl-YS3YMhAeRLyAHn8e9RSXQ7veyNlXRpm2yvbh0csOOqX7ZsoCUukcJV5w0iSaCNWjlRdHXoWt4ZUOF8_EgZD49GCZKkmUt_T7uVGnGYArD2InPmvi4cjM8SCx7GT8ku7im_OBs-j9KTpaod6jtKojZg&sig=Cg0ArKJSzAB9GElZebQUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 16:38:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E239 3 KB
1 KB 45ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E239 154 KB
47 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 16:38:01 GMT

GET
H2 200 3456257657279232306
tpc.googlesyndication.com/simgad/ Frame E239 77 KB
78 KB 45ms
21ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3456257657279232306

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e9f252f54b69f1e4d255da67627054d18f4ab2083cd3a520d2193c435ef813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:19:22 GMT
x-content-type-options: nosniff
age: 69519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79083
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 12:46:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 21:19:22 GMT

GET
DATA 200
OK truncated
/ Frame E239 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbade29e9c0550cda4accb3fc06a9d4db90e2674dbd17621b3779d6c865ba3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E239 0
0 101ms
56ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWZT1ZbH5mffZe7XSA--JzwyQIhsgMsbXE2hQ2zo9vx27NJrxI4ESXp6Ne-hngCvx0rbmrHaFzXMEtsXAHuElCtHAiPb4ufdsrOT6wwYt6bclX_umWt-jpvch6yjQeYFo9KHQEOTknIqsjPDS8gscrqy3tA9YzMjQ05MfmE72h9sU_X1Chto31wJXPLRYW3uObKrOcnX_04C5zinr1P2UqeBOPRrn3PlEAzba_aL_oUTrHYtN-oJK1d217kGTQcR-V6TYxGz_f2kz5bRIuuQtwqVmta5gnMdhmmVFTrEkXMgfuBY_pJjCXCsn-yq_i2N3o0g0F1bXJXKeRp9UiWHg5KbFwj0_e&sai=AMfl-YRNhs8xbZBVLCVYCi5bs59_hvs_KZBFPDnnY1r9zFL_8bQ1ZwUsBzOJMCEE16B701fUWoMKv09ejHTemqha-ZAEbqdV6SU3z63eZgJbU2yPCe3bGd94Kp-Vqdzif7tqkDJCc2kHf8XotkpUNg1KyHg&sig=Cg0ArKJSzF1jPNeHk47_EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 16:38:01 GMT

GET
H3 200 container.html Show response
67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F7C 6 KB
3 KB 62ms
20ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theeastafrican.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 16:38:01 GMT
expires: Fri, 05 Jan 2024 16:38:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 8F7C 24 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8F7C 8 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 14:58:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 16:38:02 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 8F7C 14 KB
3 KB 217ms
20ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:19:29 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 8F7C 388 KB
131 KB 218ms
21ms Script
text/javascript 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 02:43:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 8F7C 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 08:26:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5CC8 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLT77x-T3jQNCAnpKeb0s_9VItgtw7X-uHx_EzTSXw9mNPzw51CYr3QVL9o5t7e93RTwP2hlLd1dKVHvtBJVNByJCOqKRMqjonjnysGZeIc3awbna_be7RNSzi2g424VKaGUPyfsew8G_UqjBJ86fxkejZbn-HzFB0JRPqviu00dhS2mxU7mPB6aGwkt7awlV_Yi6_nhdsF9Cl_rI3zAtyRZgmTQmEEdWC7ShpIst2EgCKMOVJdiJ2m8VAW6ZtDJT6r3JGZ30IGap1ZO75fvl1GGZBoLwabpZTLojaIeeBS3Yn2AZx6UKhviTA7Gft2VEmnUz1nYYsGEvwO0GTM2Yi&sai=AMfl-YRYDOgvsEWpR1E-lOFSj9-5ftaH6zSuC0GrmVAApfbaYdrwVCMRXAUkcP43bWxghRNMXHv_Eyn5pTOMzvSAoDBb8aQM1ooO3NRrYBfPgK3ZVOgj1UDPrjGe91YTpraHkny1LzeZdPoZ5TD_MzLIvnU&sig=Cg0ArKJSzCxHwp0OD6HxEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5CC8 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CC8 154 KB
47 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 16:38:02 GMT

GET
H3 200 9859605542524122496
tpc.googlesyndication.com/simgad/ Frame 5CC8 75 KB
75 KB 21ms
20ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9859605542524122496

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7daf632f8c47a84dfabea83b3e82185661689ca2ba1f641eb6bc28897d3081f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:38:44 GMT
x-content-type-options: nosniff
age: 115158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76764
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 08:09:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 08:38:44 GMT

GET
DATA 200
OK truncated
/ Frame 5CC8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ff2907e3115a02aabd3da2f4863e99cb85d04b5e3b4f6206eeb35fdca5865da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5CC8 0
0 56ms
56ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIX4e5YRaDhOeRsB5aKmtRhd1heseb-VlICtBBsaLQt8FUmOl-5Lhb7tNobos94PX52-ibcfuEWxuEYnslgOfrssSt8pXspsOh621LUN6H5xG55tOn58ZPK5ONHIsPkWbUrL58gbpqhRbEugX2RHl_rQ1YjlX0wDTP2Gv68FrFA41sbfSFlNQHLEoxPUlG8IvDlSsEDDpyW1Ep5q36ZPSFr3_Uw7BTo3btzO43bvcNWHYndKiHYJ8JouFCD5CqTwe_QTjwlti9MJ2wVpB38UMDSNMsxKseTSjbEG7rGrMY_MSTNPxdbgpqlaMYNCwNA1zSkOmV_NOnxPFD1PTl_cKeQjA&sai=AMfl-YTXv-5nFTPUWy83erIgqVKIwe2LtaQqSzhP_gugfkbaRTYzkBj2cRN-Kl2FEo5ghmCg1isR677Q3WkLRYbUycuL_eOPgzgwp3NlSOl6Ix6LVzNRBIge4f1puxhHeOGqGWvxHeKVgYOMlOajbx0lW4Q&sig=Cg0ArKJSzIDa6htTH37sEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 16:38:02 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame C990 221 KB
61 KB 115ms
21ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 68517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C990 14 KB
5 KB 151ms
57ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 68517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C990 94 KB
28 KB 152ms
58ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 15:36:51 GMT
age: 90071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 15:36:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C990 5 KB
2 KB 161ms
68ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 68517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C990 40 KB
13 KB 161ms
68ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Jan 2023 21:36:05 GMT
age: 68517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jan 2024 21:36:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C990 8 KB
712 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 16:08:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 16:38:02 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C990 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:34:03 GMT
x-content-type-options: nosniff
server: cafe
age: 57839
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Fri, 06 Jan 2023 00:34:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C990 295 B
319 B 20ms
19ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:34:47 GMT
x-content-type-options: nosniff
server: cafe
age: 57795
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Jan 2023 00:34:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C990 0
0 64ms
64ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoRM46vy2Y7D_Du_d7_UP6fmdgAqCnaCnbuiRq_jSEMPvj5yuIxABIOC96R9gleKQgqAHoAGSmav8AsgBAeACAKgDAaoExgJP0JSvVrS4ryJ-0xLMVfAt-DXIiduwoxS9aVtzGHb8YtIxj_XSBsPk3h_pvqDwaOR5YgVamHHWAGpm8MiP0HiS4rKjogOoECQDu8Ksctm55GnIwtPD77o8avqmlc5sJ7Ix1Zp0oONCAbYG1u8KzIjvlbl_VwvmDUfSiv86-Xa39SD44NagYaJwfMDAENVuQ_4fZpNZzUK1yPER5627o9UIJqXtzbT7sGsRDJtJTTAksw-D1SM6R_rswNgkNqBjMBBfxtZ5j_X68tbdZ_esXujy2W-z-gvvax9qB9ToYpwEXTTnfCB576KKC8wzrNIfRcPrXeG7jU-BfzllRR8pmCaYU048W2HZFMk49WLzBgmzKczLkARLR_ct_hHwXWrmQ-vDpVobKnxSS7Tvynn_7GboJEcFCb_gMFbLs5RCvwK9yuV79cFyhMAErPH-55oE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_68j0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjA2Mjc1Mjg1MDQzNjExOBjQkwY&sigh=3o3F9FU8cyE&uach_m=[UACH]&cid=CAQSSwDq26N9DUMxtRhCtCB8eih8IQFRZHJ83Wyc6Rs0lSHeNF5ejaP0PHwvGgb7v9MWZ91AO8RtaC6h4tDvMFf6acCwvPJqf3DD8Tq4rxgBIBM&template_id=5028
Requested by: Host: www.theeastafrican.co.ke
URL: https://www.theeastafrican.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C990 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C990 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fb6148279eb02f14f08f79dd70feb69a28ab7e223bee82e31de88ba08b868f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame C990 44 KB
44 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theeastafrican.co.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:50:24 GMT
x-content-type-options: nosniff
age: 251258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 18:50:24 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F7C 0
54 B 974ms
345ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lcjbb1si&c=3160081266608&slotId=1580040633304&qqid=CIyikOXusPwCFZPRuwgdjyYC3w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F7C 15 KB
16 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 258790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F7C 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 593747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 19:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F7C 0
20 B 61ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CGl0e6fy2Y8yJJ5Oj7_UPj82I-A2B6ZrlbdyxxP7HEPac16K7MBABIOC96R9gleKQgqAHyAEFqAMByAObBKoErAJP0LwelLrytuI1JwKsxSnauB01UxDVLUW8U33xzbcBaY5SAB04vomloQDEH0Vq6qaCWUSeGjXHF4_DHqGljVCCnVigMiVd21WS42AmY-bA5ZFJi1LqweAat5dyXhjbP5FdPr_67TNAczIARAtG9hqDExjoxb-nA7xndeMxYiSWFM2r14OJIYY6O-LeTjZnCxFZVvS1OEqdA9VjCuRjGCn_Ym6d9YYbaal6Xx5Gm0gsD4PvNJAQlIYrvQqHpGYbDTeD8SnAwjfKYXvIkpaMf03bo_LcamsXy1foXO6CgM5B_aaY4oY4ozADWrdkEzMkYBCwr71gN2uA9mAGcl99Nzet4eOMYc2Phgs7k9DsHmxXIfdJd1IAzfmf9wjqIHaLDwQmHcdeiOCOq82xCH7ABOaYsqf7A-AEA5AGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5e_wRHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1672936682716&ai=CGl0e6fy2Y8yJJ5Oj7_UPj82I-A2B6ZrlbdyxxP7HEPac16K7MBABIOC96R9gleKQgqAHyAEFqAMByAObBKoErAJP0LwelLrytuI1JwKsxSnauB01UxDVLUW8U33xzbcBaY5SAB04vomloQDEH0Vq6qaCWUSeGjXHF4_DHqGljVCCnVigMiVd21WS42AmY-bA5ZFJi1LqweAat5dyXhjbP5FdPr_67TNAczIARAtG9hqDExjoxb-nA7xndeMxYiSWFM2r14OJIYY6O-LeTjZnCxFZVvS1OEqdA9VjCuRjGCn_Ym6d9YYbaal6Xx5Gm0gsD4PvNJAQlIYrvQqHpGYbDTeD8SnAwjfKYXvIkpaMf03bo_LcamsXy1foXO6CgM5B_aaY4oY4ozADWrdkEzMkYBCwr71gN2uA9mAGcl99Nzet4eOMYc2Phgs7k9DsHmxXIfdJd1IAzfmf9wjqIHaLDwQmHcdeiOCOq82xCH7ABOaYsqf7A-AEA5AGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5e_wRHQEwDYEwqIFAHYFAHQFQH4FgGAFwE

Requested by

Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8F7C 23 KB
15 KB 228ms
43ms XHR
text/xml 64.233.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CdjMse8csTEA9xjVEr03BAuegByZHMF0hLgG7848d8Rc7GeOdIOTeQnImsMhmKtsAjlno74lX2Bx0AesOn_amqWLvwUA&cry=1&dbm_d=AKAmf-DLHEDvNGDTGOnEiMAriEaDMRL9Rw-GbHA2R0kRu3EErRa1CVsCRH-VbnLT0xbRUo_tF-BxyDLnK4Z4qDYgui8h50TA7tO3Qlib23Moug9Zg6xcHJ0H4eW2j-fW9VIiEONFoZEy8dCA4_d2kR98OmUaqHmohVTkkmg4pEKMkoQV006rpkUfHbQTNdpGU9bf0aH47JZ88KdmIBM7P_XwFTkb4Pf7fSuq_FsE9AYaXeCjHkpBc884rgu4k_nORmhYEB1Vn4yShIpFwqNdEhJMfM2ndgP4lQmzD6gguR4dN2toyEP6ZQgUKO5ealSssEcZ0LQ-yGRI-l1QQehXIE5l5T1OEXP6AXGcafQc8X-I3CCGV_EvNC4GWfyf6f-JrOVRVW-y5rySCIL1PPDBL6etz4Rb2-9Wvso91ghwYRBBC8Cd4ChTcoYFC87A61u6LE17VoKJIyl801cEUOO1yVv_bqoJTGQ3OHtyqeprzfJTJdQyAQ0w5D0CRaiuPYdlrknohu96FEoUqDp_XeR3tigxy9ptJ94AbMFYjSUhFpsrJWBQ_wjQKpddJpozlbwUsAGqJlRZ9XYLcC7e8x2vMacSmV7fB2sWiUQDZYHe-tGtLIZQdtm9qgMGeaXxFpPRBhAeGhFJJCEOBrz04PWelNlXAdTtJenoeUTdm0L7mFNE4-uK2bvr0Imn1xSuCuG1BtdOAvb0dYFF6cFY1ZJJyDo_tf1cSViU67X79tXk3-bm1m3kan-qHr_msAtjtfHEbVBE4c0BvdTyJ_zdMspBZCHJdZoVJcYqJ0cN7nuhHryTskaFdE9LVfB3rZIXZKZxRRT-pRV__7Pxj13rlWgXGFLzsP0sKgswbHmWqPG53wIpLwnOSygZGTqrXndmP_cH8OLNBaROYQqXnKS_Vm-jjovbI3nKbkylLZHw1nsTApiZjYyeKseCzwd3G_4jnMyj21ujpPZdWIOMeBKW08-WEJ2vGMwg92OyjWdS6JNdz9_N6t1RwOXStQVFxLTuciYCp3HHmuN4gbjqFTqoTbtzXNQjft4ptgv1hibiRa-Cxd8F6jDO5qWzpGAmEyj2eDxIZg3W-heUWew93srHdJSa2Mq-EiQoIYmUbuXZlBBp7hF8ZDyKE72XkTNsWlr4u6NRXriWevxWxQG87m7-Dv75zOpxbFrbJOO7KN7HAsi9xGuO9LGALLhrLCaraHtrRdi5XzVSmgtQQg3i0FSPIoY3C07paNmnaFc3uMzZhbLd1UIXPDem0ScnwHM81EnpPkePPeB4p7sxEJd9QPth4mdJaoOxfB5yKd7EwDuxu_9GxIzKLWls_ddrlr8oc-RfjTv1tkyeifCSgWmIwzXirMhBp1T-8xs_zZHJyvI9Hb6GXXf0kPSTGhJmanbibWuc37rhSech8zmhupPIhj9AJlBca3cny7K8PxrZ2XXR0zIsuvC9ywarzVEJo6EGg4mi2Tl9WanHchTuhtsdTI-frG5_xSEiMAqagGN9xkdB4eZ6Yun89Aky_imAYb4I_1x_4tSXjI0yB6eVMSwWzYX2UysaorPtFxsXUAlQq_9ARdCGtmRpdOuz-yP79p6DZZBXDbU5H-67FHkF4rCjj4JC5Dc-adIobre0Oux-txJWC9T3wmHVjZYZ72r06EnvzUCtYwjM6jR5AsdHwhtJjMooUnQPVuypd6xKnhmykD5PJsjBW9bjzm8ggQOeaXfaaIm9dQKSI4jmup9l4fPvxZm7VHbFJKgJOJ82YfjbJ9u1uU4BoiXmbgB_FAUAJHnGGsjxWLm-dUhH87itANSV7hwroPhhgyMc76X0vv_4GSDFaZLP-Ngf1kSO9a-yWE3AULrVbWAHncZWHBeiOPRqdBxzu08z6eYSYmeeejBb_Ii7OzdbrcVoG0btYR7Sf9QNvwB6F65A-Is5l7e0nJXI7sTUTeVQSFiGFA0nuWyLYkuI7wDDAM4FMweo6Od3ZZlMUpNFOom6DJRBUCWcaqMyOzYxw9OV9PUyRqqYk7Rs0jFTugRApEEE6LZtOQVhnBydfSNX8sDpiBUn1_6KbBMFlXIIfr8bv8RjhFFBv70zWoAl6dWQf7Z6dBWToAbgE4_hZS0pTRk6n5U5xKK2TPv6kUcakB1jUzi902Qg98gmnM8cLrJLr3IeufArvWNqvq_jUFkXMXBfCI3W9oiiKPA7fVgjJ5LkJpo_Uqp4uQLuu_HAusF2Dy8mjTgJfTtHzTaod3QNSqLrDcxavF9NX2xgzgUIY330dW7UUzQZogPSe3WlFTNPa1T4aeTLZSQRwC7vX3LC0hL8B-f95YYqFiPbg-aJbKgKIgNLztNytjsO_39xUKcJW0OtjCBZhbK9XKosuI67a5KaqildW_6LY0wQ1-ZXzEkq8PTqSIRCoJk6IkecXIxjAYml0othYsJU5jwsg4DcWtvG09VrenItVc4YjpMe3Ih0Z0yhOSgdaSMt9c6Q5zHmro-yupeimlhN1uTRbhvRwt_0sv-e8dBaP-TBrBUTDc-HBlLz7WbYk7cY9yFftf5KiP8OshAtRwu1MRJBr2GoLtoCb8t6bl2TbfURnetpFDjkGrBcy1GoM4sk-PVO5wf_9R3Loy2tVI64sqpt4gbrlEV8jtAxZGYnfjb-Sa5IucSKFe3z7_Xg9mjBU0kqoP3eXqM4rEGeXQ4piYAmrRkKzr4ff4YdhLaVYFOpUR0k7cZ_YYD6sa9l278dbGVvCXwfWD6RXaI0Rkds2SKLV6kdgoB4iA-CO85bECfmBo7-iaMzbQks2ZVb1S5LZuZ1FTIz8l19CwVNGe1EZpu2DvilqoZfvdGLHK0SWoHxL-4QtUSs-iiTyhlTaVjEZq_HbAj-fonP9NPlhFpFwgXOrJLkkFUUoXrmnm5oAFQb1P9JvNjGJkgz3e-rQ8hOJHkzE0lIri_LVW-JJB0PUqG7rpYOi1mYS0d3mD8w1oCFPKNYDFSWdSrGW9Xuk8stGpJ37gBPnSBX0WQtpoZMoFNmH7uo5MFFjBUHYm5po9WviaLxvuTjo8H7g53Aw4Wx25DpErysggG2G2lqqGB-v86YE4_o8vP-Z5Z-_SRVACSCXh90o5SiW-j6_xlhHY-sg2YntoPoW5pIxLkczE6yy0znepP8buZu1UiAlCbIbCt_RoL6Dgb_sTyNyOB04meMRXaULSnZzyRZ3nXZoyRKo3EHioQW_z-UQk0uq0Hgl1keROmezbgoYq7x82CulIdfox2HXZlgUsztMkNc-aohiO-MUpOmmpTW0IE1yDbKn4JvXy6r03_FB9awqp0XQ7Jq1gfu3H6Qv_kf3lC7cuoCldI7TfZ3dz75DxQqlkGKCmqIIiVrsfGQ_QziSx9uT401DDmNl87MqjJCSU3jnAMWFt5FOlCBYsnFLi9E9Bte7bzfKwMR4alNfdxoRsY9Ey3gxwWWlypstQfKXZl65fGVxFzQdQsmsVfp5I6cZQt0y1LQT5eS5h1l1KpoaFhkJjPif9yKn_lcxtH6rlrEjKG17tu4cZqA_bDZcJFTuVuAiyUgL0pDuRN16zGG3G0U5BkCE8lXzHOWiugxgmiG4TfLcfI&cid=CAQSTADq26N99JInNfKhHPXwaovR5-yQJCLVq2pMQ0znK3Edhu2ypkp8iCB-ReYveFMy7GP4ZOc0Zhf6-VcR6ZjJYIBviU0UMyffIXT4hSMYASAT&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f157.1e100.net

Software

cafe /

Resource Hash

83c72bef80c7e2ca1a8727884866b6a9cf555f3023a60135fe1cf4ec12789e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15114
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F7C 0
0 59ms
57ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CREh06fy2Y8yJJ5Oj7_UPj82I-A2B6ZrlbdyxxP7HEPac16K7MBABIOC96R9gleKQgqAHyAEFqAMBqgSpAk_QvB6UuvK24jUnAqzFKdq4HTVTENUtRbxTffHNtwFpjlIAHTi-iaWhAMQfRWrqpoJZRJ4aNccXj8MeoaWNUIKdWKAyJV3bVZLjYCZj5sDlkUmLUurB4Bq3l3JeGNs_kV0-v_rtM0BzMgBEC0b2GoMTGOjFv6cDvGd14zFiJJYUzavXg4khhjo74t5ONmcLEVlW9LU4Sp0D1WMK5GMYKf9ibp31hhtpqXpfHkabSCwPg-80kBCUhiu9CoekZhsNN4PxKcDCN8phe8iSlox_Tduj8txqaxfLV-hc7oKAzkH9ppjihjijMANat2QTMyRgEOiuJ5Wk-cdks_rlBqigMSkYyjKYi3InV8YaZOc2ZX45FpbODv1ORLbZEGS7l6Kx34E060ZZKAHyGMAE5piyp_sD4AQDiAXC0oz7QJIFBggDEAIYAZIFBggbEAIYAZIFCwgiEAUYAUiz3b4BkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAf_k7XhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcLEPfZqwEYs4bk2gHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATl7_BEcgThuG-4APQEwDYEwqIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNjA2Mjc1Mjg1MDQzNjExOBjQkwY&sigh=qESC6kwsJO0&uach_m=[UACH]&cid=CAQSTADq26N99JInNfKhHPXwaovR5-yQJCLVq2pMQ0znK3Edhu2ypkp8iCB-ReYveFMy7GP4ZOc0Zhf6-VcR6ZjJYIBviU0UMyffIXT4hSMYASAT&vt=10
Requested by: Host: 67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
URL: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8F7C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e853fb2c82a8139fddded7d1bbf7a6f0b42c4aa60320ca0bdf315c2d6f66f463

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C990
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

104ms
43ms

Image
text/html

2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Jan 2023 16:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C990 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:34:03 GMT
x-content-type-options: nosniff
server: cafe
age: 57839
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Fri, 06 Jan 2023 00:34:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C990 295 B
319 B 20ms
19ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:34:47 GMT
x-content-type-options: nosniff
server: cafe
age: 57795
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Jan 2023 00:34:47 GMT

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame 8F7C 16 KB
4 KB 245ms
37ms XHR
text/xml 104.248.39.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=15911784&cmp=197104&sid=18330&plc=6943192&adsrv=29&blk=1&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F197104%3B6943192%3B208%3Bxml%3BDV360%3BDemandCreationPremiereProQ1PremiereProFY23Q1DEDisplayDV360AppetiteLifeTargeted15sVideoVASTCrossPlatformAffinity1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.248.39.31 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: c2119d3d342439bd47cc4bcd6cd1942bd65907453d5fd147c937a537abc79451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:02 GMT
content-encoding: br
vary: origin, accept-encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: none
timing-allow-origin: https://vpaid.doubleverify.com
link: <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://servedby.flashtalking.com>; rel=preconnect, <https://d9.flashtalking.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad-events.flashtalking.com>; rel=preconnect

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F7C 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 20:10:41 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 8F7C 7 KB
7 KB 101ms
7ms Image
image/png 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 16:38:03 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
Content-Type: image/png
X-Varnish: 858655964
Cache-Control: max-age=785
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281
Expires: Thu, 05 Jan 2023 16:51:08 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F7C 0
327 B 458ms
343ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lcjbb1su&c=3160081266608&slotId=1580040633304&qqid=CIyikOXusPwCFZPRuwgdjyYC3w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=8&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&ccc=0&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&met.4=atrd.1n9~videopreviewvisible.1nc&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content DV360-PremiereProQ3-DE_DE-Appetite_854_480_700_3000.mp4
cdn.flashtalking.com/172247/ Frame 8F7C 2 MB
2 MB 113ms
61ms Media
video/mp4 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172247/DV360-PremiereProQ3-DE_DE-Appetite_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 87e1b108605c46d71401b99535848674927289d7c80db26b55756de934385a15

Request headers

Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 05 Jan 2023 16:38:03 GMT
Last-Modified: Fri, 18 Nov 2022 07:43:02 GMT
Server: Flashtalking (AKA)
ETag: "8f73bc94e63764b8d51db1af2ee495e5"
Content-Type: video/mp4
X-Varnish: 841326717
Content-Range: bytes 0-1695447/1695448
Cache-Control: max-age=30
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1695448
Expires: Thu, 05 Jan 2023 16:38:33 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F7C 0
54 B 451ms
346ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lcjbb27d&c=3160081266608&slotId=1580040633304&qqid=CIyikOXusPwCFZPRuwgdjyYC3w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvast.doubleverify.com%252Fv3%252Fvast%253F_media%253D3%2526ctx%253D15911784%2526cmp%253D197104%2526sid%253D18330%2526plc%253D6943192%2526adsrv%253D29%2526blk%253D1%2526_vast%253Dhttps%25253A%25252F%25252Fservedby.flashtalking.com%25252Fimp%25252F1%25252F197104%25253B6943192%25253B208%25253Bxml%25253BDV360%25253BDemandCreationPremiereProQ1PremiereProFY23Q1DEDisplayDV360AppetiteLifeTargeted15sVideoVASTCrossPlatformAffinity1920x1080%25252F%25253Fgdpr%25253D%252524%25257BGDPR%25257D%252526gdpr_consent%25253D%25257Bs1%25257D%252526us_privacy%25253D%25257Bs2%25257D%252526pbMethods%25253D%25257Bs3%25257D%25257C%25257Bs4%25257D%25257C%25257Bs5%25257D%252526cachebuster%25253D%25257Bs6%25257D%2526_s1%253D%2526_s2%253D%2524%257BUS_PRIVACY%257D%2526_s3%253D%255BPLAYBACKMETHODS%255D%2526_s4%253D%255BCONTINUOUSPLAY%255D%2526_s5%253D%255BTIMESINCEINTERACTION%255D%2526_s6%253D%255BCACHEBUSTER%255D%2526_api%253D%255BAPIFRAMEWORKS%255D%2526_ssm%253D%255BSERVERSIDE%255D%2526_tsm%253D%255BTIMESTAMP%255D%2526gdpr%253D%2526gdpr_consent%253D%2526_abm%253D%255BAPPBUNDLE%255D%2526_pum%253D%255BPAGEURL%255D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F88 23 KB
9 KB 20ms
20ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 116177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 08:21:46 GMT
expires: Thu, 04 Jan 2024 08:21:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F88 36 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 16:24:16 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/6943192;4128510;0;271;FFE9C829-5118-3C1D-CD3A-44B4FF58CF7E/ Frame 8F7C 42 B
343 B 605ms
218ms Image
image/gif 104.96.137.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/6943192;4128510;0;271;FFE9C829-5118-3C1D-CD3A-44B4FF58CF7E/?ft_data=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=1871448800

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.137.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-137-173.deploy.static.akamaitechnologies.com

Software

prod-xre-app11.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 16:38:04 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app11.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Thu, 05 Jan 2023 16:38:04 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame 8F7C 0
67 B 270ms
25ms Image
text/plain 3.8.79.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?14300;197104;6943192;4128510;0;13;FFE9C829-5118-3C1D-CD3A-44B4FF58CF7E;54834D535753DC;1871448800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.79.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-79-40.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:03 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tpsc-video-eu.doubleverify.com/ Frame 8F7C 0
162 B 125ms
13ms Image
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/event.png?vstevt=0&dup=bb8a0f59-b524-44ca-8520-bb0abafef84c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 16:38:03 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/04/2023 16:38:03

GET
H2 200 dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 8F7C 42 B
494 B 168ms
55ms Image
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672936683400;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8F7C 42 B
64 B 121ms
64ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGl0e6fy2Y8yJJ5Oj7_UPj82I-A2B6ZrlbdyxxP7HEPac16K7MBABIOC96R9gleKQgqAHyAEFqAMByAObBKoErAJP0LwelLrytuI1JwKsxSnauB01UxDVLUW8U33xzbcBaY5SAB04vomloQDEH0Vq6qaCWUSeGjXHF4_DHqGljVCCnVigMiVd21WS42AmY-bA5ZFJi1LqweAat5dyXhjbP5FdPr_67TNAczIARAtG9hqDExjoxb-nA7xndeMxYiSWFM2r14OJIYY6O-LeTjZnCxFZVvS1OEqdA9VjCuRjGCn_Ym6d9YYbaal6Xx5Gm0gsD4PvNJAQlIYrvQqHpGYbDTeD8SnAwjfKYXvIkpaMf03bo_LcamsXy1foXO6CgM5B_aaY4oY4ozADWrdkEzMkYBCwr71gN2uA9mAGcl99Nzet4eOMYc2Phgs7k9DsHmxXIfdJd1IAzfmf9wjqIHaLDwQmHcdeiOCOq82xCH7ABOaYsqf7A-AEA5AGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5e_wRHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&sigh=qKYa3mMt3dI&label=part2viewed&ad_mt=6&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672936683400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4128510.gif
cdn.flashtalking.com/xre/694/6943192/4128510/image/ Frame 8F7C
Redirect Chain

https://servedby.flashtalking.com/imp/1/197104;6943192;201;gifimpid;DV360;DemandCreationPremiereProQ1PremiereProFY23Q1DEDisplayDV360AppetiteLifeTargeted15sVideoVASTCrossPlatformAffinity1920x1080/?f...
https://cdn.flashtalking.com/xre/694/6943192/4128510/image/4128510.gif

42 B
398 B

23ms
18ms

Image
image/gif

184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/694/6943192/4128510/image/4128510.gif
Protocol: HTTP/1.1
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 16:38:04 GMT
Last-Modified: Fri, 18 Nov 2022 08:59:57 GMT
Server: Flashtalking (AKA)
ETag: W/"d89746888da2d9510b64a9f031eaecd5"
Content-Type: image/gif
X-Varnish: 840065934
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 05 Jan 2023 16:58:04 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 16:38:04 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app3.frk11
Access-Control-Allow-Origin: *
Location: https://cdn.flashtalking.com/xre/694/6943192/4128510/image/4128510.gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 05 Jan 2023 16:38:04 GMT

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ Frame 8F7C 70 B
484 B 270ms
32ms Image
image/png 63.34.82.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?D9r.DeviceID=true&D9v.CampID=3175&D9v.CCampID=197104&D9v.ImpID=FFE9C829-5118-3C1D-CD3A-44B4FF58CF7E&D9c=ftVideo&D9c.placementId=6943192&D9c.creativeId=4128510&D9c.confId=0&D9c.privacy=t&D9v.gdpr=FT_GDPR&D9v.gdpr_consent=&D9v.us_privacy=!!US_PRIVACY!&cb=1871448800
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.82.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-82-91.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash: f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 16:38:03 GMT
Server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 70

GET
H/1.1 204
No Content visit.jpg
tpsc-video-eu.doubleverify.com/ Frame 8F7C 0
162 B 112ms
15ms Image
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=15911784&cmp=197104&sid=18330&plc=6943192&adsrv=29&crt=6943192-4128510-0&dup=bb8a0f59-b524-44ca-8520-bb0abafef84c&dvtagver=dvot_2023-01-04_ff909ab1d_6ce8dde&vad=15000&vmftype=video&dvp_infra=do&dvp_zjsver=0.21.17&dvp_psfts=1672936682942&dvp_psfst=ack&vstvr=2.0-i&dvp_blk=1&app=-1&essd=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 16:38:03 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/04/2023 16:38:03

GET
H2 204 /
vtrk.doubleverify.com/ Frame 8F7C 0
167 B 185ms
31ms Image
text/plain 54.246.69.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=bb8a0f59-b524-44ca-8520-bb0abafef84c&el=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F197104%3B6943192%3B208%3Bxml%3BDV360%3BDemandCreationPremiereProQ1PremiereProFY23Q1DEDisplayDV360AppetiteLifeTargeted15sVideoVASTCrossPlatformAffinity1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pbMethods%3D%5BPLAYBACKMETHODS%5D%7C%5BCONTINUOUSPLAY%5D%7C%5BTIMESINCEINTERACTION%5D%26cachebuster%3D%5BCACHEBUSTER%5D&ea=impression&cm114=1&cm115=27&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=29&cd182=vpaid-transformer%400.21.17&cd188=fra1&cd189=do&cd190=15911784&cd191=197104&cd192=18330&cd193=6943192&cd195=1&cd196=3&cd141=%5BAPIFRAMEWORKS%5D&cd142=2023-01-05T16%3A38%3A03.412Z&cd143=2023-01-05T16%3A38%3A03.412Z&z=33702565
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.69.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-69-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 16:38:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8F7C 0
622 B 98ms
51ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5nd7xhgF_cZk2uoDn2AoZIktZroteyXcaAWvMMPuHx8JuyPC7EvNPzb7lOi5ACW7Ij_GtHiiN3h2VgGaSiBT_2QrP_vjsljtd9a5NDJ1D2y5NZ-W5wDct2LRfxG3syn6Abeym-u24PjnYNLKN15__EquAIaPn-Mq-0hQDkAgcJ79vTdTkcPWTvGtBBeqBuoOEg65hL_CfbxsGSIA-ZTg2k46ofDxQdZRZoD5TisJC9YFnDQvnvGycVP7w9mSL86_eaPVh-cC6dAED4J1IRl1UyFlUBJoG99CrBLPsHpO63nhfgBC3cu48JhqlyshFT3p5Jzv25dPrjtBdl2AulsdRED2NEVu8V28N-5HQNk_s97BvsT153G-DDRUex_p51EBVQiPUC_Z35zL7s6-MKIu0A0YTpsJXFqroLMY0QW1blFmmeYomx_5UEPOQ3zDxV8VOq1SYPibc4OdSnLR3ijM1tnPFtqY51GWtMdGUld-OpcuipffYL6i0JmSWs835NKtEs5jZJBJp2esFTeM5COnTvgYeb_0Ej6542qTLTwjL8Cmx7b6aOYs_p4f0owXXPR32mDuCHagO55y5r7UdIsSAjU06punmy1EfX7yfeVxl9S7CSlte3JfbzAaMQFzjyJY030sPkXLa435tzz7IB2YivaMwbw_dg_mL7ytPUrtUmhJGCRGLWbgOLwZ7YUun3EcTfaa63sfCkjzlrx68k9I8O2TxAxK7WRC2I8wT6M1mymZgWOFmDHX18o6MDrZHpUmY3FAriyg_xLai0jwvtnrOzUksFDpnMWj3AwfirU3ZGkO7Nl0AhBjp9XjPUE5HyY_OMnJYmz28GByeODMLqKGGMZx4A9kDYC1FGHphoDjnTng95AUvPrqqoSO2yfj5PxwBickK9ghM6kJdnkY2gRu1HrxpdWdHQbo_sSKA90dKBFzq4Kn1WNaHd4mxgPIfmTuN2q70W6ml2tuWNkpYqNjLLtPjNeQmhJykFSX99YydfgrW2-QTy7REjzXDtWwaNvdOO22qAZmVkxfs3uUFcbK_MNtgL-xp56sXGNb9p0TsJEEtiCWJcVV9rsjyqjwMLUtLTIuGi7U7WuHH4-X0SpJTFl5_CGB-QeW50e46_rmt_Jg1pIHLLqMOz0dh-ixTRJ5_sHFaCk-xInhJgDX6v3hyaN7zqMinYAhXT6Qv_fuGhSfhIObkRtZ7zv5OI9mYcD8JfzT4fmNKMQ9K80ds5XfenvQTXJiyK4XweyFbcN98JXhm7tZWFDogFA5mPUmN8dohbSDssMEu7Vy35LYDeDl2_vy1Oamz5s4KKoCG&sai=AMfl-YQNbo833aZo2ycBRlfFGusNsWMekenzt6qRAOnQ7xN9DhlgNTMPi2kV-FRaUsAeffGJjSwqNoGMZztfAeKilCc7K8B9dgTPdvsnJJhpl6OEEAerBSqaATaOhbShMxWJxcUeUhuiMlgzDtLI5kqQex4dBd4kt5vEc6aKtR_8VWsk1cx83qDE6mVlkCu8gjTz8EfGH13-2BU6VXkJqmz17w__rlAnXYnk4HTLGmRNH0eK9R-ibkZA13UdXAgl978DYUUIPQ-_IYVoi_M4OLZISovtnuwbm8_IR2rPJB8Ijg&sig=Cg0ArKJSzOYgY4v2Sjy_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 8F7C 0
0 113ms
59ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLOG5NoBIAEwAQ&v=APEucNWkWn-Qdoh_myuZThvjxI0ge4oKhV2sTj3Tk-HKv7r1WnCHux2Q3xRH247CDUHLaBB4T3BETKTbZV-6xB3IXZp6bvPmpQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F7C 0
20 B 52ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame 8F7C 42 B
107 B 60ms
59ms Image
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672936683400;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8F7C 42 B
64 B 58ms
50ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqC0y4MtWwXYYJD6HVQ2YUvb21_-5GFf0LNg6z51X1dVmB1WigGDj1JsrtHoo-csl59wr9nWSX34sVq_Odf4uLhe26S0nbZqm10g0nFqPbj5fjK7pEgelutuS_&sai=AMfl-YShlpqdTY6NMS6N9xgg5HFpdunazoi8aWEhfaHFFdky8gTZNPXlgQk9UygCS2GwFXpxV37nmLtC6TBH2sagVYVttHeAXRold5H6A2Cnj6lU-sOsy-6z6IcQwTXX40AHu6CsYJMKcFt7OXmrs7mV&sig=Cg0ArKJSzI-mdqTZ4HemEAE&cid=CAQSTADq26N99JInNfKhHPXwaovR5-yQJCLVq2pMQ0znK3Edhu2ypkp8iCB-ReYveFMy7GP4ZOc0Zhf6-VcR6ZjJYIBviU0UMyffIXT4hSMYASAT&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672936683400&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8F7C 42 B
64 B 122ms
69ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGl0e6fy2Y8yJJ5Oj7_UPj82I-A2B6ZrlbdyxxP7HEPac16K7MBABIOC96R9gleKQgqAHyAEFqAMByAObBKoErAJP0LwelLrytuI1JwKsxSnauB01UxDVLUW8U33xzbcBaY5SAB04vomloQDEH0Vq6qaCWUSeGjXHF4_DHqGljVCCnVigMiVd21WS42AmY-bA5ZFJi1LqweAat5dyXhjbP5FdPr_67TNAczIARAtG9hqDExjoxb-nA7xndeMxYiSWFM2r14OJIYY6O-LeTjZnCxFZVvS1OEqdA9VjCuRjGCn_Ym6d9YYbaal6Xx5Gm0gsD4PvNJAQlIYrvQqHpGYbDTeD8SnAwjfKYXvIkpaMf03bo_LcamsXy1foXO6CgM5B_aaY4oY4ozADWrdkEzMkYBCwr71gN2uA9mAGcl99Nzet4eOMYc2Phgs7k9DsHmxXIfdJd1IAzfmf9wjqIHaLDwQmHcdeiOCOq82xCH7ABOaYsqf7A-AEA5AGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5e_wRHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&sigh=qKYa3mMt3dI&label=vast_creativeview&ad_mt=6&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1672936683400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F7C 0
54 B 353ms
346ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lcjbb27o&c=3160081266608&slotId=1580040633304&qqid=CIyikOXusPwCFZPRuwgdjyYC3w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=171837&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=7&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1s5~videopreviewstarted.1s8
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CC8 42 B
64 B 68ms
46ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVAXf_1YdQh_h70ZLbKXA8lvRC9Jj0lKPEgVUrmr38dFUapInFWu-r-8Ke_rTm66jzhE7OG3Clk481X8R805ubJxQeqThaSogzM3eVg-Xsfqjv3EDW&sig=Cg0ArKJSzBi9CAbnznc6EAE&id=lidar2&mcvt=1011&p=58,436,148,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230104&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2899427188&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672936682310&rpt=88&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F88 0
20 B 51ms
47ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bq3uO6vy2Y8SEOdGS-waIip6YDQAAAAA4AeAEAg&bg=!FBelF1PNAAYDMoyoIzI7ACkAdvg8Wq_KnTzYwhqlyu2JnE0gl1KMiKFD9nICLeO9NXpyUapH0JKTHgIAAAD6UgAAAAdoAQcKAIO2cYKlkF1BkpcLeLqbnoi4gil4pURG9Qj9KNbFQx8XQKFX1zghTCAFpCv5Bw3buHw9ad0VoH1XOZVj1G9YyWWqGMQ0MKMDbWvjrFWcBnsSE-ZAPNH9TOmXmh6CGBaCysXxK1XMyBjLtIS_q6CjUwrfdxIRiPwe_tYv5df2buiVfGH0xpkC7Uvpmzvv7dA3ZhFvXO1ClKdcnpcuG93d7JbSvvOdNRR18n9-30xHo_OESumbrxp-YkXxGwLtr1dNDZY4CbBInIXbp6a9i37ywBAnqKnGZCg_vH5vKCSjrpTxwPXj9l1CxABlKtCg9-PY070Iy94Nhiub5_2QjOb-TDvUsCAZcrovV3K9sCsole1WiePETYe2hVyaK7-sFaDUdssLZLaTZSOVy18zMM7rKPm56BsKvSNtkybZl9BtFcQIaTUqzVy1jBADSCk4YU1dxVvCU1mJzxVEPOpU53WcVeDIUkk2WuKMnEn9UM5j0OS3FGtn0hSafmO8yX4Z_Fp_fV5CSXmbvzVKeLj71mlrk5f_7HA13iGaAL1jQqT0qnFDCHQ4UcmGAjTAXIBaPbAcd8CtgncSdAKM2ky1XsY8H0f1BRQaRZeU3snpbW6wXUvLN5oIMYIKdxy-YcQ2rwOorbM8mXeBTZh6VZzPKTBuLDUSuRShTgBiMJvxo0B5cgPiG6ulFBi_5K7rZ3cNplf8AazCAOq1RDBKTxheSmIgK3GdHmJPD5JEQkiXXEOqnm6Z-J2Wpo3bSAIVzzRAfi3Ue7EXcoTdSvVTJKznD87RFYStkKBFK9GyrL7Dcw60Tg2VrMl2Qm7l1alZV0WuFBiJBvTYWhq6iOYMiimGdCj4pksuwtn4HJdnkKvFOxOcz3R1pWDqV9loe-Vo9Rz9y0yIPKxqEplG7cl86PaFLtZX9gw4YUbQ2MRjvbZWUcmqMEJc1zaGkBQjAWQOpuK-zNNKB3lxX8ewgaCEnZ02Tyo4MHKBz5uwq78O-FrGt-lrPNjuENtiTeR09XIz-RlH4woa4f4uU-8Zd1dSYJoP6L0qA_41QiolBQ3FqQA0ti10AEjZfQ7iMF-6yUe65ufE8lTBH3jHychGojcPGQUMSu7emO_TJKtymniC0xxWowaMB3mpneKaR5NdcCtnlKTNiwRUXi_IllHtMPE5rjprw134KGPg8br5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C990 42 B
64 B 44ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyVUy5g5PJ_v6N6DPevr73L02Pj3qysokvbjbUc1hGNbF_rDkGMnzXUJlmJDXyV2ShVO_I5PktDI4eSZJfTTytVOvmvEo83k6RRW7bZAFtczmr5WyAi732X1qxXnoP9h7D0fXwGA&sai=AMfl-YT_f0G7MFQb8MEztSbhTTvHhNxIwJjwbwXJFVVKnCMVPpuna-efDyWZPBbAAVNzHL49XG6BYJUH1F0BRhp-5_PNMvKBNVfwA_rlEKIG_7GZO3y8hdYzVkcXs1MdsSl3CNjwg8QdN4EpE0R4XvQ&sig=Cg0ArKJSzPg1yqqIqdlVEAE&cid=CAQSSwDq26N9DUMxtRhCtCB8eih8IQFRZHJ83Wyc6Rs0lSHeNF5ejaP0PHwvGgb7v9MWZ91AO8RtaC6h4tDvMFf6acCwvPJqf3DD8Tq4rxgBIBM&id=ampim&o=1042,196&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=276&tls=1276&g=100&h=100&tt=1276&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theeastafrican.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2003,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 8F7C 42 B
63 B 101ms
57ms Image
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2191%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D227%26dur%3D15082%26vmtime%3D2200%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2191%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1672936683400;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8F7C 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqC0y4MtWwXYYJD6HVQ2YUvb21_-5GFf0LNg6z51X1dVmB1WigGDj1JsrtHoo-csl59wr9nWSX34sVq_Odf4uLhe26S0nbZqm10g0nFqPbj5fjK7pEgelutuS_&sai=AMfl-YShlpqdTY6NMS6N9xgg5HFpdunazoi8aWEhfaHFFdky8gTZNPXlgQk9UygCS2GwFXpxV37nmLtC6TBH2sagVYVttHeAXRold5H6A2Cnj6lU-sOsy-6z6IcQwTXX40AHu6CsYJMKcFt7OXmrs7mV&sig=Cg0ArKJSzI-mdqTZ4HemEAE&cid=CAQSTADq26N99JInNfKhHPXwaovR5-yQJCLVq2pMQ0znK3Edhu2ypkp8iCB-ReYveFMy7GP4ZOc0Zhf6-VcR6ZjJYIBviU0UMyffIXT4hSMYASAT&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2191%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D227%26dur%3D15082%26vmtime%3D2200%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2191%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1672936683400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame 8F7C 0
66 B 23ms
22ms Image
text/plain 3.8.79.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?14300;197104;6943192;4128510;0;14;FFE9C829-5118-3C1D-CD3A-44B4FF58CF7E;54834D535753DC;1871448800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.79.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-79-40.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 16:38:07 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tpsc-video-eu.doubleverify.com/ Frame 8F7C 0
162 B 34ms
10ms Image
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/event.png?vstevt=4&dup=bb8a0f59-b524-44ca-8520-bb0abafef84c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 16:38:07 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/04/2023 16:38:07

GET
H3 200 dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3726,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 8F7C 42 B
63 B 56ms
56ms Image
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxKHf5e6w_AIVUcneCh0IhQfTEAAYACCp9ZJXQhMIjKKQ5e6w_AIVk9G7CB2PJgLf;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3726,0,0,0,0%26mtos%3D3726,3726,3726,3726,3726%26amtos%3D0,0,0,0,0%26mcvt%3D3726%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3914%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D54%26pst%3D227%26dur%3D15082%26vmtime%3D3933%26dtos%3D1723%26dtoss%3D2%26dvs%3D1723%26dfvs%3D1723%26dvpt%3D1723%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3726,3726,3726,3726,3726%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3726;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1672936683400;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8F7C 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGl0e6fy2Y8yJJ5Oj7_UPj82I-A2B6ZrlbdyxxP7HEPac16K7MBABIOC96R9gleKQgqAHyAEFqAMByAObBKoErAJP0LwelLrytuI1JwKsxSnauB01UxDVLUW8U33xzbcBaY5SAB04vomloQDEH0Vq6qaCWUSeGjXHF4_DHqGljVCCnVigMiVd21WS42AmY-bA5ZFJi1LqweAat5dyXhjbP5FdPr_67TNAczIARAtG9hqDExjoxb-nA7xndeMxYiSWFM2r14OJIYY6O-LeTjZnCxFZVvS1OEqdA9VjCuRjGCn_Ym6d9YYbaal6Xx5Gm0gsD4PvNJAQlIYrvQqHpGYbDTeD8SnAwjfKYXvIkpaMf03bo_LcamsXy1foXO6CgM5B_aaY4oY4ozADWrdkEzMkYBCwr71gN2uA9mAGcl99Nzet4eOMYc2Phgs7k9DsHmxXIfdJd1IAzfmf9wjqIHaLDwQmHcdeiOCOq82xCH7ABOaYsqf7A-AEA5AGAaAGeYAH_5O14QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5e_wRHQEwDYEwqIFAHYFAHQFQH4FgGAFwE&sigh=qKYa3mMt3dI&label=videoplaytime25&ad_mt=3934&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3726,0,0,0,0%26mtos%3D3726,3726,3726,3726,3726%26amtos%3D0,0,0,0,0%26mcvt%3D3726%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3914%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D54%26pst%3D227%26dur%3D15082%26vmtime%3D3933%26dtos%3D1723%26dtoss%3D2%26dvs%3D1723%26dfvs%3D1723%26dvpt%3D1723%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3726,3726,3726,3726,3726%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D832867651%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3726&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1672936683400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 16:38:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.nation.africa
URL: https://ads.nation.africa/assets/ads/ad.js

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2r_LIvHTKWU
.youtube.com/	1970-01-20 13:01:28	Name: VISITOR_INFO1_LIVE Value: OkO56S3FpqA
.theeastafrican.co.ke/	1970-01-20 08:42:18	Name: __cf_bm Value: 9YglLXSflYIx6C8b6weRejShNNKD6U8002y7aI_AsGM-1672936681-0-AcLOgVdW2+te+CjjZM2Bu/svTQFWnxKb+aQMGVt7m+bFzoyoDnwFB99Kh3CdKFni09QEOgaybJv1B4rl44MYJfikeV4KS0qQnQDE4AiAynr9WR3S2IFVjMC6Dz50fVgVecQvXrkoC5msUL+el9zbVbs=
.theeastafrican.co.ke/	1970-01-20 18:18:16	Name: _ga_ZH5VRJ61ZP Value: GS1.1.1672936681.1.0.1672936681.60.0.0
.theeastafrican.co.ke/	1970-01-20 18:18:16	Name: _ga Value: GA1.1.1819642386.1672936681
.doubleclick.net/	1970-01-20 18:03:52	Name: IDE Value: AHWqTUl-_lc9DSAgmi0h1PLa1bm61ZDE9zmnK4UD-f_fs4iwXFLbA6_BDxBYFg5BJmY
.theeastafrican.co.ke/	1970-01-20 18:03:52	Name: __gads Value: ID=288b8b548dff7426:T=1672936681:S=ALNI_MYJP9ZqTMiMXJsrtIqzuhc4DGTtHA
.theeastafrican.co.ke/	1970-01-20 18:03:52	Name: __gpi Value: UID=00000b9dfa0fe023:T=1672936681:RT=1672936681:S=ALNI_Ma55MjgyFlkfnj-KuBevctRnWl2Tg
.doubleclick.net/	1970-01-20 08:42:20	Name: DSID Value: NO_DATA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.theeastafrican.co.ke/ Message: The resource https://www.youtube.com/iframe_api was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theeastafrican.co.ke/ Message: The resource https://tentacles.smartocto.com/ten/tentacle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theeastafrican.co.ke/ Message: The resource https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theeastafrican.co.ke/ Message: The resource https://www.theeastafrican.co.ke/resource/themes/east-african/js/commons-654256-2.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theeastafrican.co.ke/ Message: The resource https://www.theeastafrican.co.ke/resource/themes/east-african/js/east-african-654258-7.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theeastafrican.co.ke/ Message: The resource https://static.chartbeat.com/js/chartbeat_mab.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67e223a1189a0d54a3b7d0790e028d48.safeframe.googlesyndication.com
ad-events.flashtalking.com
ade.googlesyndication.com
ads.nation.africa
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.ampproject.org
cdn.flashtalking.com
cdnjs.cloudflare.com
csi.gstatic.com
d9.flashtalking.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
imasdk.googleapis.com
pagead2.googlesyndication.com
region1.analytics.google.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
static.chartbeat.com
stats.g.doubleclick.net
tentacles.smartocto.com
tpc.googlesyndication.com
tpsc-video-eu.doubleverify.com
vast.doubleverify.com
vtrk.doubleverify.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theeastafrican.co.ke
www.youtube.com
ads.nation.africa
104.248.39.31
104.96.137.173
142.250.180.194
172.217.18.2
184.30.20.47
2001:4860:4802:34::36
2404:6800:4003:c05::5e
2600:9000:2057:5c00:18:1fcd:351:7bc1
2606:4700::6811:180e
2606:4700::6812:17f1
2a00:1450:4001:801::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400d:802::2016
2a00:1450:400d:806::200a
2a00:1450:400d:808::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2001
2a00:1450:4025:401::9a
3.8.79.40
34.149.12.213
34.251.7.23
54.246.69.241
63.34.82.91
64.233.166.157
01e9f252f54b69f1e4d255da67627054d18f4ab2083cd3a520d2193c435ef813
028206ae611395011e2b8673044076c55c02e189eaaf1ad56a55100ab0705124
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
257dcea81be93c21b20fdda1912f536c80aae5a5c12de4c4b77be2f0356e5320
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28cd9eb80c20577e67262142fb192ec89bca2c8f5dfd4f2f95754544e0376a5c
2cc3dbb803a0b2711cb586f111c2bf102749d997f8213b154f55dde07f51ec40
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34e95aba563e58aa7316b8942a898aae6cf23f417b96640a0d0ae8d7284b7572
3fe10a5846071076e719ca4e4bab90cbf4c8d54ef730191fcea1ed84235528c4
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
44c4c834b5783853533dd21b06efc77b0f35b4f5b05715b2bf22169939ca1569
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
605c6fc9075b707fd1745203a795030abed84a2645097216c440bfbcb9d22390
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a42d88238232f3795af8d556fc0ac934ea981881785ea139edee78b81522672
6d13b4b644e5f8e892f68485e43c2db006df351101f9aa3b14a92d8b5992c952
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72c327e67f9ee4e49c541d870e5af3884e6b3e289b6f14c41d384583d65fb6ef
7884f99963702ff9f2be59ed906bd5ea29258cf58e7fd9bfa35099d1fb7f1a17
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7b0d0e44b8aebbadbf8e5fffd420493e553391db37348b818f646b23b9fb9b3b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83aca63ef9c7b9fcbb00274bfb27b7adb5291881e89bbe3e6883cf33c95c2422
83c72bef80c7e2ca1a8727884866b6a9cf555f3023a60135fe1cf4ec12789e16
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87e1b108605c46d71401b99535848674927289d7c80db26b55756de934385a15
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
93446e17657b68a2ca895048dcc95440bc8c2401e82f6ae4c37dfbea6d95d86a
9f97bd788c8f198be6ea386c11b1f1901299ccd8adcc5b2c3ec36d7ca4edfaba
9fb6148279eb02f14f08f79dd70feb69a28ab7e223bee82e31de88ba08b868f2
9ff2907e3115a02aabd3da2f4863e99cb85d04b5e3b4f6206eeb35fdca5865da
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59e7c6648bcd38ca5a2a16c2b8f5d33ed35a9348468ac6ceb40282c3c649fc9
aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
af9f2a7066b003829dcf819de19d7d524e33734d8b1a332ca546e3a0b1394920
c2119d3d342439bd47cc4bcd6cd1942bd65907453d5fd147c937a537abc79451
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5acd99a0dfbf4d9f44f2feaeedeaf19ade7afdc90389401c089e52c3fe6da44
c7daf632f8c47a84dfabea83b3e82185661689ca2ba1f641eb6bc28897d3081f
c8a1f7d8f0f7c50ef375b9974285a70a25faa75fa8302bb0086aac6f402011d0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d26823cfbfaa0de10cfa044de24a254f5a406360f3536f54916635e7fe16ad2d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8daf75cb5152da84244b9fc502adb0e8462bbfd948622e037c2fba21ba7909b
dacc001e99177a0e66e66d47a32d3bfdc95e93c4bb5636767846db3411becbc1
dbade29e9c0550cda4accb3fc06a9d4db90e2674dbd17621b3779d6c865ba3d4
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dcde74c9faf976821634ebac16fec36aba7c465ba2cc7a0b27a976251b5d4e9b
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e24973161abee07293054c6b58a49f353f8c191cb78455c190768edac71abcec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67e9865877a90940d55dcda569fddf3704c7a4bd298090c1179e9b99ec54362
e78321fdea2ab180ecde5d5b051a8fad036fecf66a5095844995eb5de0fe1f99
e853fb2c82a8139fddded7d1bbf7a6f0b42c4aa60320ca0bdf315c2d6f66f463
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f49eef19a0882f558dc2f7a7838b8aef5c54b6340fe8f3d8d79ef88d402eafe2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5eea227fd7074e6d3ca5c2b994eb2ad526acf12d57a5d04fb9e40f1676cf853
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.theeastafrican.co.ke Open in urlscan Pro 2606:4700::6812:17f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

97 %HTTPS

67 %IPv6

18 Domains

36 Subdomains

33 IPs

7 Countries

3297 kBTransfer

5733 kBSize

9 Cookies

20 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theeastafrican.co.ke Open in urlscan Pro
2606:4700::6812:17f1 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

97 %
HTTPS

67 %
IPv6

18
Domains

36
Subdomains

33
IPs

7
Countries

3297 kB
Transfer

5733 kB
Size

9
Cookies

111 HTTP transactions
8 data transactions