arileht.delfi.ee Open in urlscan Pro
172.67.28.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arileht.delfi.ee/
Effective URL:
https://arileht.delfi.ee/
Submission: On December 12 via api (December 12th 2023, 12:12:28 pm UTC) from US — Scanned from DE

Summary HTTP 206 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 36 IPs in 11 countries across 23 domains to perform 206 HTTP transactions. The main IP is 172.67.28.62, located in United States and belongs to CLOUDFLARENET, US. The main domain is arileht.delfi.ee.
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.

This is the only time arileht.delfi.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	172.67.28.62 172.67.28.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	185.20.100.194 185.20.100.194	199328 (EKSPRESS-...) (EKSPRESS-DIGITAL)
19	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
4	2a02:26f0:ab0... 2a02:26f0:ab00:385::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	51.20.247.195 51.20.247.195	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.22.74.73 104.22.74.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:4222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:c376	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 4	188.68.250.247 188.68.250.247	197226 (SPRINT-SDC) (SPRINT-SDC)
3	20.54.110.135 20.54.110.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1048:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
15	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
3	167.235.124.59 167.235.124.59	24940 (HETZNER-AS) (HETZNER-AS)
1	34.200.73.183 34.200.73.183	14618 (AMAZON-AES) (AMAZON-AES)
3	18.192.242.138 18.192.242.138	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
9	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
6 6	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1 8	167.235.124.23 167.235.124.23	24940 (HETZNER-AS) (HETZNER-AS)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	167.235.124.24 167.235.124.24	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
206	36

45 172.67.28.62 (United States)

ASN13335 (CLOUDFLARENET, US)

arileht.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ee-production-portal-root.s3.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ee-production-portal-custom-page.s3.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ts.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 185.20.100.194 (Estonia)

ASN199328 (EKSPRESS-DIGITAL, EE)
PTR: proxy3.delfi.ee

g.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:ab00:385::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.20.247.195 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-51-20-247-195.eu-north-1.compute.amazonaws.com

sentry.aws.delfi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.22.74.73 (None, )

ASN13335 (CLOUDFLARENET, US)

arileht.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ee-production-portal-root.s3.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4222 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)

experience-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.68.250.247 (Olsztyn, Poland) 1 redirects

ASN197226 (SPRINT-SDC, PL)
PTR: n8250h247.sprintdatacenter.net

sgaee.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.54.110.135 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.delfi.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1048:1 (Germany)

ASN200325 (BUNNYCDN, SI)

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.73.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-73-183.compute-1.amazonaws.com

events.getsitectrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.242.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.212 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.166.17.21 (Amsterdam, Netherlands) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 167.235.124.23 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nue0001.cxense.com

stats-collector.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csyn-r.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

buy-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.124.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0002.cxense.com

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	delfi.ee arileht.delfi.ee g.delfi.ee — Cisco Umbrella Rank: 325669 ee-production-portal-root.s3.delfi.ee — Cisco Umbrella Rank: 456499 images.delfi.ee — Cisco Umbrella Rank: 482439 www.delfi.ee — Cisco Umbrella Rank: 565455 ee-production-portal-custom-page.s3.delfi.ee content.api.delfi.ee — Cisco Umbrella Rank: 606047 s.delfi.ee — Cisco Umbrella Rank: 622212 h.delfi.ee ts.delfi.ee — Cisco Umbrella Rank: 684479 api.delfi.ee — Cisco Umbrella Rank: 492966	4 MB
44	adform.net s1.adform.net — Cisco Umbrella Rank: 8194 adx.adform.net — Cisco Umbrella Rank: 4544 cm.adform.net — Cisco Umbrella Rank: 1211 track.adform.net — Cisco Umbrella Rank: 4289 dmp.adform.net — Cisco Umbrella Rank: 2870	580 KB
16	cxense.com 1 redirects cdn.cxense.com — Cisco Umbrella Rank: 5183 scdn.cxense.com — Cisco Umbrella Rank: 16142 p1cluster.cxense.com — Cisco Umbrella Rank: 9278 comcluster.cxense.com — Cisco Umbrella Rank: 4661 id.cxense.com — Cisco Umbrella Rank: 10741 stats-collector.cxense.com — Cisco Umbrella Rank: 69695 csyn-r.cxense.com — Cisco Umbrella Rank: 47740 api.cxense.com — Cisco Umbrella Rank: 7965	83 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	7 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	224 KB
6	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	4 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	2 KB
5	gemius.pl 1 redirects sgaee.hit.gemius.pl — Cisco Umbrella Rank: 701468 ls.hit.gemius.pl — Cisco Umbrella Rank: 15551	24 KB
5	piano.io experience-eu.piano.io — Cisco Umbrella Rank: 32878 cdn-eu.piano.io — Cisco Umbrella Rank: 49345 id-eu.piano.io — Cisco Umbrella Rank: 65472 c2-eu.piano.io — Cisco Umbrella Rank: 17544 buy-eu.piano.io — Cisco Umbrella Rank: 22111	118 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	776 B
3	bidtheatre.com 3 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901	1 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	436 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	256 KB
3	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 17520 s2.getsitecontrol.com — Cisco Umbrella Rank: 27411	66 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4165 onesignal.com — Cisco Umbrella Rank: 1473	73 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	91 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	getsitectrl.com events.getsitectrl.com — Cisco Umbrella Rank: 19168	773 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 8220	257 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7773	3 KB
1	delfi.net sentry.aws.delfi.net — Cisco Umbrella Rank: 684174	203 B
0	clarity.ms Failed www.clarity.ms Failed
206	23

	Domain	Requested by
27	g.delfi.ee	arileht.delfi.ee g.delfi.ee ee-production-portal-root.s3.delfi.ee ee-production-portal-custom-page.s3.delfi.ee s1.adform.net
25	ee-production-portal-root.s3.delfi.ee	arileht.delfi.ee ee-production-portal-root.s3.delfi.ee
23	images.delfi.ee	arileht.delfi.ee
19	s1.adform.net	arileht.delfi.ee adx.adform.net s1.adform.net
13	track.adform.net	s1.adform.net
9	cm.adform.net	arileht.delfi.ee
7	stats-collector.cxense.com	ee-production-portal-root.s3.delfi.ee
6	ib.adnxs.com	6 redirects
6	pagead2.googlesyndication.com	arileht.delfi.ee pagead2.googlesyndication.com ee-production-portal-root.s3.delfi.ee tpc.googlesyndication.com
4	www.google.de	arileht.delfi.ee
4	sgaee.hit.gemius.pl	1 redirects ee-production-portal-root.s3.delfi.ee sgaee.hit.gemius.pl arileht.delfi.ee
4	content.api.delfi.ee	ee-production-portal-root.s3.delfi.ee
4	arileht.delfi.ee	ee-production-portal-root.s3.delfi.ee
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	match.adsby.bidtheatre.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	x.bidswitch.net	arileht.delfi.ee
3	www.google.com	arileht.delfi.ee tpc.googlesyndication.com
3	stats.g.doubleclick.net	ee-production-portal-root.s3.delfi.ee www.googletagmanager.com
3	www.googletagmanager.com	ee-production-portal-root.s3.delfi.ee www.google-analytics.com www.googletagmanager.com
3	s.delfi.ee	ee-production-portal-root.s3.delfi.ee arileht.delfi.ee
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com
3	cdn.cxense.com	arileht.delfi.ee scdn.cxense.com cdn.cxense.com
2	adx.adform.net	arileht.delfi.ee s1.adform.net
2	region1.analytics.google.com	www.googletagmanager.com
2	www.facebook.com	arileht.delfi.ee
2	connect.facebook.net	ee-production-portal-root.s3.delfi.ee connect.facebook.net
2	l.getsitecontrol.com	ee-production-portal-root.s3.delfi.ee
2	www.google-analytics.com	ee-production-portal-root.s3.delfi.ee
2	cdn.onesignal.com	ee-production-portal-root.s3.delfi.ee cdn.onesignal.com
1	api.cxense.com	scdn.cxense.com
1	buy-eu.piano.io	ee-production-portal-root.s3.delfi.ee
1	dmp.adform.net	arileht.delfi.ee
1	csyn-r.cxense.com	1 redirects
1	id.cxense.com	scdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	ls.hit.gemius.pl	sgaee.hit.gemius.pl
1	events.getsitectrl.com	ee-production-portal-root.s3.delfi.ee
1	p1cluster.cxense.com	cdn.cxense.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	c2-eu.piano.io	ee-production-portal-root.s3.delfi.ee
1	id-eu.piano.io	cdn-eu.piano.io
1	c.cintnetworks.com	arileht.delfi.ee
1	api.delfi.ee	ee-production-portal-root.s3.delfi.ee
1	ts.delfi.ee	arileht.delfi.ee
1	h.delfi.ee	arileht.delfi.ee
1	cdn-eu.piano.io	experience-eu.piano.io
1	scdn.cxense.com	ee-production-portal-root.s3.delfi.ee
1	experience-eu.piano.io	ee-production-portal-root.s3.delfi.ee
1	ee-production-portal-custom-page.s3.delfi.ee	arileht.delfi.ee
1	www.npttech.com	ee-production-portal-root.s3.delfi.ee
1	onesignal.com	cdn.onesignal.com
1	www.delfi.ee	ee-production-portal-root.s3.delfi.ee
1	sentry.aws.delfi.net	ee-production-portal-root.s3.delfi.ee
0	www.clarity.ms Failed	ee-production-portal-root.s3.delfi.ee
206	55

This site contains links to these domains. Also see Links.

Domain
track.adform.net
delfimeedia.ee
ilmateade.delfi.ee
www.delfi.ee
www.delfimeedia.ee
reisijuht.delfi.ee
lood.delfi.ee
tasku.delfi.ee
lehed.delfi.ee
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
delfi.ee E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.delfi.ee Sectigo RSA Domain Validation Secure Server CA	`2023-07-13` - `2024-07-12`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.aws.delfi.net Amazon RSA 2048 M02	`2023-04-28` - `2024-05-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
npttech.com GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
s.delfi.ee R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-08-08` - `2024-02-08`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.getsitectrl.com Amazon RSA 2048 M02	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://arileht.delfi.ee/
Frame ID: A0812DFE41278746D28A04BEAA23B7C8
Requests: 147 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 443499ABBA90AB28B01B14187FF7CF8E
Requests: 1 HTTP requests in this frame

Frame: https://www.delfi.ee/shared.html
Frame ID: B03535A10C4591B1714AB8893F22ED18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5295995486288553&output=html&adk=1812271804&adf=3025194257&lmt=1702383121&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Farileht.delfi.ee%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702383142069&bpp=2&bdt=627&idt=239&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1294139748529&frm=20&pv=2&ga_vid=296251416.1702383142&ga_sid=1702383142&ga_hid=337052467&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C31079438%2C31079714%2C31079865%2C31079921%2C42532523%2C44785294%2C95320884&oid=2&pvsid=4067557831568727&tmod=2031781848&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: 4E63C0DF3187A5F7BEF554B9C04D12A9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 039E8B37700A023F65CA50210CC7125B
Requests: 4 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?mid=562978&mkw=channel_vue,channel_arileht,logged_out,channel_frontpage,arileht_frontpage&mkv=channel:arileht,user_type:m-tellija,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:arileht_001,chn_fp_pos:arileht_001&adid=e53372b9-733b-4e38-8b6a-e53d5094cc40
Frame ID: 2D1A9B60ED2904569305617994D4B0D5
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Frame ID: 279D5F53A62F4007A71539CE16A528D3
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/146996/3171744/scroller.js?bn=69864856;v=1
Frame ID: 8081964D775F2AE9F0DBF601D25348AE
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/146996/2932089/siteheader.js?bn=69932513;v=1
Frame ID: DCC6B80EA4FC75203534D7F1440D063C
Requests: 12 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 50BA2EEB02DE0CFDD1BB90B2D87232ED
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068607/13955944/main/13955944.js?ADFassetID=13955944&bv=770
Frame ID: 9DF0D2E9B2ED38B458EB61EB61B59C05
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2029728/13989190/main/13989190.js?ADFassetID=13989190&bv=514
Frame ID: CF090B7557D336772BFE8845738634E1
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01743C94D6F0D51E2B293564959B009A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7F4344C633F1E128182D3ACEBF07938
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ärileht

Page URL History Show full URLs

http://arileht.delfi.ee/ HTTP 307
https://arileht.delfi.ee/ Page URL

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

206
Requests

93 %
HTTPS

47 %
IPv6

23
Domains

55
Subdomains

36
IPs

11
Countries

5435 kB
Transfer

11783 kB
Size

39
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://track.adform.net/C/?bn=69864856;crtbwp=17nOlXG9bA41;crtbdata=qLXum2p1o-SIx4E20qX4pM8EcRrXrPt2a1HjJy5WwjsSgb4uBtizh4p-Brszzkeatbm7gTk-Dnw34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2;ccsid=94578;adfibeg=0;cdata=kRH-1FPWP5HqMu5BUqxrzIo9NSnGlCWNw3t6BEb4UKqhp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-3-3WLDQiGJt7CJ_XISyzJcu2H6DIly3xdLaj9fCutKvk76LGE2rz90vHIHCBVQ8umHUjAE5VxHcbhEnHBqmmKQd3QVlL8eZs2IbrvrJir9micsP9buESXJDakso8n0QB0frY8xKExBx2VOyP9jvq1ZxhlJOjUWvuDct4G6wz_va2PCIyf_fkQnukqt4b3AzWKtNU6zNhHvzfHOQRHp-bqgJXq45KarIr8OIFb1H-pJaQEc9Dqz5031txjtJ3gySGYpoVABKyXggjERtTeSFg5HP5pUiLVXMNGxm2g4JXhzWqwFf8_u9_iFj-zWaIHaztnYn3Y1rSzdJjl9wUpotS3UA2cfNYixJPcyse4EfaRdKDjdo-6N7RrhfBS22T1yOrxbkN650_qB7R3ytyFmHs2--QoCqhwrrj4rDKXVQJaX4Z83GmFH8NM2Tck-wu41cTvhAUCrojo_A8jf56blEcpH5E6SdM-CAo_8wyBcwKNY9pp_iBFaGSR-WZhxgSgulfmwpWLcD7CbOTXDcl-ynJIRNwxPnMDGDY1fcxNJv_TqD4WjvMphhmLH_gI328UwBzCnf4dx0c6366l1yZa3uozDp7QC-AaBWBUthncSsQAVGy4KO51hvhxgy3m8MCb_3vtXQ8wdXFhqJrAZDlFqAHOlyoSuautzBfMDg4K63XCIQ5D5Wg03Nk13hQW6FXjSrzw2;;fc=1;CREFURL=https%3a%2f%2farileht.delfi.ee%2f;C=1

Search URL Search Domain Scan URL

URL: https://track.adform.net/C/?bn=69932513;crtbwp=vR5KWVVM5-81;crtbdata=zDPfQtTlILlXNJOZUu2Sv5b3EfWiQ6QRSMPPtoq8saiaYXGdg6Q7iIp-BrszzkeaD8GeUHYXp2k34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2;ccsid=87883;adfibeg=0;cdata=dAAZXn0cUzurRs3ge5Igu9Hnv0JmSigHtQvNndWGuEChp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-3-3WLDQiGJtir7NruHJmMou2H6DIly3xdkel1qk8Ut0RoZ8TrOdWKraFxzq7Th4-yB5135ylnNpbhEnHBqmmKQd3QVlL8eZs2IbrvrJir9mksgfRD3GLn03AboLYfzDvhAHCBAM7qtq3fdEMKi36XWkv6Pl-2cO0COzUVLf_yoKWYYi3St_TRPukqt4b3AzWKtNU6zNhHvzfHOQRHp-bqgJXq45KarIr8OIFb1H-pJaQEc9Dqz5031txjtJ3gySGYpoVABKyXggjERtTeSFg5HP5pUiLVXMNGxm2g4JXhzWqwFf8_u9_iFj-zWaIHaztnYn3Y1rSzdJjl9wUpotS3UA2cfNYixJPcyse4EfaRdKDjdo-6N7RrhfBS22T1yOrxbkN650_qB7R3ytyFmHs2--QoCqhwrrj4rDKXVQJaX4Z83GmFH8NM2Tck-wu41cTvhAUCrojo_A8jf56blEcpH5E6SdM-CAo_8wyBcwKNY9pp_iBFaGSR-WZhxgSgulfmwpWLcD7CbOTXDcl-ynJIRNwxPnMDGDY7s2QGpt-Uw0dTwomsFaIjIp3-HcdHOt-updcmWt7qMw6e0AvgGgVgVLYZ3ErEAFRsuCjudYb4cYMt5vDAm_977V0PMHVxYaiawGQ5RagBzpcqErmrrcwXwW9wW6z2rft-Q-VoNNzZNd4UFuhV40q881;;fc=1;CREFURL=https%3a%2f%2farileht.delfi.ee%2f;C=1

Search URL Search Domain Scan URL

URL: https://delfimeedia.ee/andmekaitsetingimused/
Title: siin

Search URL Search Domain Scan URL

URL: https://ilmateade.delfi.ee/?utm_source=Delfi&utm_medium=top_navigation_link
Title: Ilmateade

Search URL Search Domain Scan URL

URL: https://www.delfi.ee/
Title: Delfi

Search URL Search Domain Scan URL

URL: https://www.delfi.ee/vihje/
Title: Saada vihje

Search URL Search Domain Scan URL

URL: https://www.delfimeedia.ee/kontakt/
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://delfimeedia.ee/kontakt/reklaam/#veebi_reklaam
Title: Reklaam

Search URL Search Domain Scan URL

URL: https://reisijuht.delfi.ee/
Title: Reisijuht

Search URL Search Domain Scan URL

URL: https://www.delfi.ee/telli?type=paber&utm_source=Arileht&utm_medium=telli_button
Title: Telli

Search URL Search Domain Scan URL

URL: https://www.delfi.ee/telli?utm_source=mobile&utm_medium=button&utm_campaign=telli_mobile&utm_id=telli_kogupakett
Title: Telli kogupakett

Search URL Search Domain Scan URL

URL: https://reisijuht.delfi.ee/artikkel/120253858/selgus-kus-euroopas-raagitakse-koige-paremini-ja-halvemini-inglise-keelt
Title: Selgus, kus Euroopas räägitakse kõige paremini ja halvemini inglise keelt

Search URL Search Domain Scan URL

URL: https://reisijuht.delfi.ee/artikkel/120253858/selgus-kus-euroopas-raagitakse-koige-paremini-ja-halvemini-inglise-keelt/kommentaarid
Title: (39)

Search URL Search Domain Scan URL

URL: https://www.delfi.ee/viimased
Title: Viimased

Search URL Search Domain Scan URL

URL: https://lood.delfi.ee/
Title: Delfi Lood

Search URL Search Domain Scan URL

URL: https://tasku.delfi.ee/
Title: Tasku

Search URL Search Domain Scan URL

URL: https://delfimeedia.ee/kontakt/reklaam/#veebi_reklaam?utm_source=Delfi&utm_medium=footer_link
Title: Reklaam

Search URL Search Domain Scan URL

URL: https://www.delfimeedia.ee/kontakt/?utm_source=Delfi&utm_medium=footer_link
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://lehed.delfi.ee/products/delfi-kogupakett?utm_source=Arileht&utm_medium=footer_tellimine
Title: Tellimine

Search URL Search Domain Scan URL

URL: https://delfimeedia.ee/uldtingimused/?utm_source=Delfi&utm_medium=footer_link
Title: Üldtingimused

Search URL Search Domain Scan URL

URL: https://www.delfimeedia.ee/talent/?utm_source=Delfi&utm_medium=footer_link
Title: Tööpakkumised

Search URL Search Domain Scan URL

URL: https://www.facebook.com/majandus/

Search URL Search Domain Scan URL

URL: https://twitter.com/DelfiMajandus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arileht.delfi.ee/ HTTP 307
https://arileht.delfi.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1

Request Chain 141

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4594740078877378484

Request Chain 142

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
https://cm.adform.net/pixel?adform_pid=18&adform_pc=fb5d74b3-b67e-4764-afe7-858c4192453e

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1

Request Chain 146

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
https://cm.adform.net/pixel?adform_pid=16&adform_pc=6132315279969385889

Request Chain 147

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
https://cm.adform.net/pixel?adform_pid=18&adform_pc=de36d233-b7b0-46f3-8b7c-edcb85adbc02

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1

Request Chain 151

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4876918172063648353

Request Chain 152

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
https://cm.adform.net/pixel?adform_pid=18&adform_pc=ac51bd77-d149-492d-85f1-99187e07604e

Request Chain 166

https://sgaee.hit.gemius.pl/_1702383143795/rexdot.js?l=106&sendf=24&id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Farileht.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=BRcWfXLSILKYu6aO1zTF8XSD4Nhl4ZaQZY7HBchaszj.975.LLTac_ayxraIFDl9lCSBwoaEED3fdgtV78UIIyO.P1Gg/euGEraLmLETZ0/&fpdata=nHaxA4LuF4IZSTfPlljcHMvsuM083inNTCXU8QT2Jk..E7&ltime=228&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65784e2721bf6731&brts=1702383143&fpcap= HTTP 301
https://sgaee.hit.gemius.pl/__/_1702383143795/rexdot.js?l=106&sendf=24&id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Farileht.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=BRcWfXLSILKYu6aO1zTF8XSD4Nhl4ZaQZY7HBchaszj.975.LLTac_ayxraIFDl9lCSBwoaEED3fdgtV78UIIyO.P1Gg/euGEraLmLETZ0/&fpdata=nHaxA4LuF4IZSTfPlljcHMvsuM083inNTCXU8QT2Jk..E7&ltime=228&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65784e2721bf6731&brts=1702383143&fpcap=

Request Chain 176

https://csyn-r.cxense.com/?cxsite=1145189970857384309&partnerId=csr&cxckp=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=12s7c48z1mkng2q939k2jsbds

206 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arileht.delfi.ee/
Redirect Chain

http://arileht.delfi.ee/
https://arileht.delfi.ee/

803 KB
259 KB

169ms
94ms

Document
text/html

172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4480dd9c50ef6b44672d16290c1a2b4901e3d19350a4dffdff54de6a505f66cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=30, stale-while-revalidate=60, stale-if-error=3600
cf-cache-status: HIT
cf-ray: 8345e0088d5e1e50-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 12:12:21 GMT
last-modified: Tue, 12 Dec 2023 12:12:01 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 194

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://arileht.delfi.ee/
Non-Authoritative-Reason: HSTS

GET
H2 200 inter.css
g.delfi.ee/fonts/inter/ 3 KB
569 B 263ms
92ms Stylesheet
text/css 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/inter/inter.css
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 1f4a93acd6eee48d66e7b64e5f8631ea21b6190d013ee7b85debf7ad35efe424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:28:37 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 10:05:08 GMT
server: DWS
age: 17024
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 383
expires: Fri, 24 Nov 2023 19:26:25 GMT

GET
H2 200 roboto.css
g.delfi.ee/fonts/roboto/ 7 KB
743 B 261ms
91ms Stylesheet
text/css 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/roboto/roboto.css
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 46ab61748e150272aab5c0224e72d0c8a3c6df9f40277db62a52f9f7b02ee637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:28:00 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 09:51:17 GMT
server: DWS
age: 17061
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 556
expires: Fri, 24 Nov 2023 19:26:23 GMT

GET
H2 200 arileht-root-variables-css.css
ee-production-portal-root.s3.delfi.ee/1.6.20/ 3 KB
974 B 211ms
166ms Stylesheet
text/css 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/arileht-root-variables-css.css

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0e636d47dcf360c9613ef1ab13d8fca08f30698b508ccd58a986078cfb8c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"4e689008e1f19b63e9bdbe1b73332402"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e00a6fdd1e50-FRA
x-amz-cf-id: lbhH5yjnFvZlbd-UDLFpXu7JQe35vkUsqU7Ek9KBB8BQCFBY0j5f5g==

GET
H2 200 main-root-styles.css
ee-production-portal-root.s3.delfi.ee/1.6.20/ 103 KB
17 KB 121ms
75ms Stylesheet
text/css 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/main-root-styles.css

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db28549ce8498f3becd03d79342144db24baddef92bb5a8e9848c0cefda356e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 a5feee427fe9cff4e87dc473d3d3e300.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"c09d1d4a681d35b99bcad86224a10528"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e00a6fe21e50-FRA
x-amz-cf-id: p_LESkSQ7mt_3taofQ1aOgd-Ty91AA8wev3NicxLtHTnvmF2wrrs0w==

GET
H2 200 / Show response
g.delfi.ee/scms/ 92 KB
33 KB 306ms
136ms Script
application/x-javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/scms/?g=j
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 39235861d9bc9a21651d032048c05298d7018a1a70de913b10fd48902e0cd339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:11:57 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2015 13:19:47 GMT
server: DWS
age: 24
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1800
accept-ranges: bytes
content-length: 33447
expires: Tue, 12 Dec 2023 12:41:57 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 62 KB
26 KB 183ms
77ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 06:47:18 GMT
server: nginx
x-amz-request-id: tx00000173ebccfd2c15d9e-006461d90b-3295a825-default
etag: W/"cd30185b4774b9eb12ea46ca45e76972"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
g.delfi.ee/scms/ 40 KB
11 KB 263ms
93ms Script
application/x-javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/scms/?g=afp.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 560bdccee876b5a023db9bc53c2522c5df93ed761f9a39499a829aa01b8523cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:26:31 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 10:11:54 GMT
server: DWS
age: 17149
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1800
accept-ranges: bytes
content-length: 11479
expires: Tue, 12 Dec 2023 07:56:31 GMT

GET
H2 200 / Show response
g.delfi.ee/scms/ 3 KB
1 KB 348ms
178ms Script
application/x-javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/scms/?g=topbar
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 128fe826f7377e487b7bf20d8a42b8f6c5acdb47def31508215d4e2a92a4e3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:11:55 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 07:46:40 GMT
server: DWS
age: 26
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1288
expires: Tue, 12 Dec 2023 12:41:55 GMT

GET
H2 200 c.js Show response
g.delfi.ee/js/ 698 B
630 B 304ms
134ms Script
application/javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/js/c.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 859ca09d35e47fed4262ed3230d408da83dc76731555d4a22663f8f54ab61b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:27:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Sep 2018 07:36:30 GMT
server: DWS
age: 17062
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 430
expires: Fri, 24 Nov 2023 19:26:27 GMT

GET
H/1.1 200
OK ari_a.js Show response
cdn.cxense.com/ 19 KB
6 KB 79ms
27ms Script
application/x-javascript 2a02:26f0:ab00:385::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/ari_a.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:385::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 12a40b8d278e4c06e144e9474990b8dfb3bb5b2a424995d9ef7491e221a3fb74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 12:12:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2022 07:32:02 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5388
Expires: Tue, 12 Dec 2023 13:12:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 153ms
102ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542bc78090fbaf2abb14730934eaf457bd836fcaa63a27a02e342fd9c292e441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51755
x-xss-protection: 0
server: cafe
etag: 8114053804176319867
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 12:12:21 GMT

GET
H2 200 runtime.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/ 8 KB
2 KB 109ms
64ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63fbe25c1b424661f9e901e7cb1c20ef4a3b65de588d890cc0e3edd846e37adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
cf-polished: origSize=8432
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: W/"c7c0e41614f1abd46aa208c144dccc34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00a6fed1e50-FRA
x-amz-cf-id: TOuX7lLUQ-XB1uAi2n2eN5RIIVf2lt6ysH87pKwe7PFlGqBN6ipTww==

GET
H2 200 app.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/commons/ 295 KB
101 KB 102ms
57ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/commons/app.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8756fc296010be508913429f8624bf43b17f1685b71052495511058dbf9c7693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 cb867cfec78eb078033d4ae0c86dfaa0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: TLV50-C2
cf-polished: origSize=302202
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"7a3ebb288a88a0b8fb5098dcb7641df4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00a6fe91e50-FRA
x-amz-cf-id: YgoW8KU-RGUZnDvqE9MH60OZYHXGd1_yy5QiH5ZNwIPAYgrUJ9p5yw==

GET
H2 200 app.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/ 1 MB
304 KB 114ms
69ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44cf1d01b1191b0e352d26b0689908f284ae6922b56cd33b7824287008545a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
cf-polished: origSize=1116963
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: W/"6563365579ecf627c0027da705eae58d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00a6fe81e50-FRA
x-amz-cf-id: Q8OMECxMtYxjgb4PyVuaNn4BDg9VLOeoaLKga-CJKWUQgIqqLPrTuA==

GET
H2 200 app.css
ee-production-portal-root.s3.delfi.ee/1.6.20/ 141 KB
22 KB 211ms
166ms Stylesheet
text/css 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.css

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5381eb127a4bb32967d39083c6c376d410a4da1177b77cb17544e2f272791f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 709380ea5bd18c88e4b28c987d105856.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: TLV50-C2
cf-polished: origSize=144574
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"f76368f20f3daa5fb950f9af323befea"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e00a6fe11e50-FRA
x-amz-cf-id: dwaV1SmMsxLrek6fDh-ClDD5PSBb0j2mYBoBYzMH7tn235U1h9_9mg==

GET
H2 200 app.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/ 958 KB
181 KB 153ms
109ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d682fe10a6dd5f826f84524261ba7463d4daeea019cd9c63f1b2612a3d02fcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 4d5db5d8b78e0b583e041b582e55cfc6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: TLV50-C2
cf-polished: origSize=980593
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"7b84ba4280dff2239d6eb4c33debb743"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00a6fea1e50-FRA
x-amz-cf-id: V2opGtzKToAJHDabkvhXueqAaUMOCwuGaVcfX8cDfIJWWN77uOnUXg==

GET
H2 200 Frontpage.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 2 KB
1 KB 86ms
42ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Frontpage.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40eb4049038f295d2363a23fc2d41e547df791b6e01c0316534421d65ffc80e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 24
cf-polished: origSize=1891
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"6d9ab310ac9954330b1a287eaac5bede"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00a6fe51e50-FRA
x-amz-cf-id: 2xQvpD_uzZK3phZ0ZBpma0UyrfpndRUfCG750w8IllglSxZvyqGHVA==

GET
H2 200 Frontpage.css
ee-production-portal-root.s3.delfi.ee/1.6.20/page/Category/page/ 2 KB
756 B 84ms
40ms Stylesheet
text/css 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Category/page/Frontpage.css

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5241226dd12405879bb458ea98564b363310e2b7c2e7696e694180715f1b975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 24
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"f0e825bdf0c93973fa5cfe0aeb1a8696"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e00a6fdf1e50-FRA
x-amz-cf-id: vcoWtKoQhK6tdq14kanpHb2-MCC6QPRDQqRKl0KmCQ32ILxNchnpCQ==

GET
H2 200 Frontpage.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/Category/page/ 15 KB
4 KB 82ms
38ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Category/page/Frontpage.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17b32322c5a1b687c198ac0d49f5b2eda3e8dedbedfdc010543840b855306432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 24
cf-polished: origSize=15525
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"2e71c5946bc41adfea023a104570f3bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00a6fe71e50-FRA
x-amz-cf-id: OcD4xHHQEIk9wBdzVgpnPiL7Pixs7Kr6ucxPmLbc--78xGJ0XR_qjw==

GET
H2 200 arileht-ua2.svg
g.delfi.ee/pr/l/ 7 KB
3 KB 160ms
159ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/pr/l/arileht-ua2.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: daabae9c72338dac1d1227e4269fc43b20651e0ccbed5a3f9a45593250aa494e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:09:26 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 13:30:53 GMT
server: DWS
age: 175
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 2972
expires: Fri, 24 Nov 2023 19:26:26 GMT

GET
H2 200 2XSIWZ_home-v2.svg
g.delfi.ee/wd/f/16537/ 1 KB
821 B 115ms
115ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/2XSIWZ_home-v2.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: cdd9258e1dff12b31b6033b9062f211ca59beba17e118ad46d2363b376b213d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:31:48 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 12:45:44 GMT
server: DWS
age: 2432
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 628
expires: Fri, 24 Nov 2023 19:26:24 GMT

GET
H2 200 KJ2QRM_home-active-v2.svg
g.delfi.ee/wd/f/16537/ 627 B
551 B 45ms
45ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/KJ2QRM_home-active-v2.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 6f60b024b9991c6c8235adc277353ad6624bfa4f2c3384e1ee1e107131dcb5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:25:11 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 12:45:44 GMT
server: DWS
age: 2830
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 358
expires: Fri, 24 Nov 2023 19:26:21 GMT

GET
H2 200 GWQJGU_all-news.svg
g.delfi.ee/wd/f/16537/ 911 B
519 B 45ms
45ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/GWQJGU_all-news.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: b318b43a62302eba28a5b555ac5bf701feb1c17717036f6ca1f4c706ad941a28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:32:50 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 09:06:35 GMT
server: DWS
age: 2371
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 326
expires: Fri, 24 Nov 2023 19:26:27 GMT

GET
H2 200 QEZ2DC_all-news-active.svg
g.delfi.ee/wd/f/16537/ 1 KB
539 B 46ms
45ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/QEZ2DC_all-news-active.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 7665a78398ac9159d54d1ebca3f257a5fbe564425cbef3492508e288c0439cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:23:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 09:06:35 GMT
server: DWS
age: 2938
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 346
expires: Fri, 24 Nov 2023 19:26:25 GMT

GET
H2 200 JK8AMG_delfilood.svg
g.delfi.ee/wd/f/16537/ 1 KB
684 B 46ms
45ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/JK8AMG_delfilood.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 2104d9aaf5fcab52fe117d506a269f558e21e3f42f3f454259ad1c5c9c64f918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:23:29 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 11:45:20 GMT
server: DWS
age: 2932
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 491
expires: Fri, 24 Nov 2023 19:26:27 GMT

GET
H2 200 6XEMHP_delfilood_active.svg
g.delfi.ee/wd/f/16537/ 1 KB
692 B 48ms
47ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/6XEMHP_delfilood_active.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: eefe2ebf1331b2a7ec6879e14a07d4f5d156770f35a963513b0e22b1842d5d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:27:34 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 11:45:20 GMT
server: DWS
age: 2687
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 499
expires: Fri, 24 Nov 2023 19:26:27 GMT

GET
H2 200 S42S2Z_podcast.svg
g.delfi.ee/wd/f/16537/ 1 KB
623 B 47ms
46ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/S42S2Z_podcast.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: f40c3b015d6e8c72266faba574e542db76b3daa4caf1b78e0e7a238bde551734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:33:44 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 10:37:01 GMT
server: DWS
age: 2317
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 430
expires: Fri, 24 Nov 2023 19:26:24 GMT

GET
H2 200 Y4JJTD_podcast-active.svg
g.delfi.ee/wd/f/16537/ 1 KB
627 B 48ms
48ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/wd/f/16537/Y4JJTD_podcast-active.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 3c0ad20ae45f1d4f63e2221c62145aecec2274ca544c2d9a976fbb13656b8825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:36:39 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 10:37:01 GMT
server: DWS
age: 2142
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 434
expires: Fri, 24 Nov 2023 19:26:24 GMT

GET
DATA 200
OK truncated
/ 151 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df7c1d5e1d2f0e6b471453b898655d1c38bce64114821f42bd9f7e7412f5644b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 inter-v7-latin-ext_latin-regular.woff2
g.delfi.ee/fonts/inter/ 33 KB
33 KB 139ms
47ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/inter/inter-v7-latin-ext_latin-regular.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5

Request headers

Referer: https://g.delfi.ee/fonts/inter/inter.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:11:53 GMT
last-modified: Wed, 23 Feb 2022 08:03:32 GMT
server: DWS
age: 28
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 33580
expires: Fri, 24 Nov 2023 19:26:25 GMT

GET
H2 200 inter-v7-latin-ext_latin-600.woff2
g.delfi.ee/fonts/inter/ 36 KB
36 KB 227ms
135ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/inter/inter-v7-latin-ext_latin-600.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812

Request headers

Referer: https://g.delfi.ee/fonts/inter/inter.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:11:56 GMT
last-modified: Wed, 23 Feb 2022 08:03:32 GMT
server: DWS
age: 25
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 36488
expires: Fri, 24 Nov 2023 19:26:25 GMT

GET
H2 200 inter-v7-latin-ext_latin-500.woff2
g.delfi.ee/fonts/inter/ 35 KB
36 KB 272ms
180ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/inter/inter-v7-latin-ext_latin-500.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2

Request headers

Referer: https://g.delfi.ee/fonts/inter/inter.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:08:28 GMT
last-modified: Wed, 23 Feb 2022 08:03:32 GMT
server: DWS
age: 233
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 36304
expires: Fri, 24 Nov 2023 19:26:24 GMT

GET
H2 200 inter-v7-latin-ext_latin-700.woff2
g.delfi.ee/fonts/inter/ 36 KB
36 KB 227ms
135ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/inter/inter-v7-latin-ext_latin-700.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a

Request headers

Referer: https://g.delfi.ee/fonts/inter/inter.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:08:08 GMT
last-modified: Wed, 23 Feb 2022 08:03:32 GMT
server: DWS
age: 253
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 36520
expires: Fri, 24 Nov 2023 19:26:27 GMT

GET
H2 200 roboto-v29-latin-ext_latin_cyrillic-regular.woff2
g.delfi.ee/fonts/roboto/ 49 KB
49 KB 312ms
225ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/roboto/roboto-v29-latin-ext_latin_cyrillic-regular.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/roboto/roboto.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer: https://g.delfi.ee/fonts/roboto/roboto.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:09:09 GMT
last-modified: Wed, 23 Feb 2022 07:47:34 GMT
server: DWS
age: 192
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 50240
expires: Fri, 24 Nov 2023 19:26:21 GMT

GET
H2 200 969a88c2-04cb-4545-96aa-a07fead2f739.jpg
images.delfi.ee/media-api-image-cropper/v1/ 82 KB
82 KB 70ms
45ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/969a88c2-04cb-4545-96aa-a07fead2f739.jpg?noup&w=1264&h=711

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd7427bc5f31a03b9f70ecb10ee0ead32fc556a65671e84e807c446bab386e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 821
cf-polished: origSize=85755
x-envoy-upstream-service-time: 332
alt-svc: h3=":443"; ma=86400
content-length: 83948
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 11:53:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d0b6a1e50-FRA

GET
H2 200 c4f070d0-cca7-11ed-88c2-fdedb9a4494d.jpg
images.delfi.ee/media-api-image-cropper/v1/ 61 KB
61 KB 69ms
44ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/c4f070d0-cca7-11ed-88c2-fdedb9a4494d.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b64dc048da92305621cdfa9e21c7ecd2908029a3adc84d94dfc6540bd688fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3513
cf-polished: origSize=64148
x-envoy-upstream-service-time: 352
alt-svc: h3=":443"; ma=86400
content-length: 62208
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 11:11:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d0b6c1e50-FRA

GET
H2 200 db5d523d-3ce7-4820-aad9-03fdbedc76c1.jpg
images.delfi.ee/media-api-image-cropper/v1/ 86 KB
87 KB 73ms
48ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/db5d523d-3ce7-4820-aad9-03fdbedc76c1.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2d6547f57b0c09659f377c3d9404164e10214f30dfdc8452505219720eca86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 821
cf-polished: origSize=91552
x-envoy-upstream-service-time: 240
alt-svc: h3=":443"; ma=86400
content-length: 88538
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 10:57:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d0b711e50-FRA

GET
H2 200 c09a1ac0-376b-4108-9624-95890b21a0c9.jpg
images.delfi.ee/media-api-image-cropper/v1/ 169 KB
169 KB 66ms
40ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/c09a1ac0-376b-4108-9624-95890b21a0c9.jpg?noup&w=1264&h=711

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9ec88051dfedbbe20b837b44831a289610d506325c6b5bd6ad4725bfb03ef4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7315
cf-polished: origSize=181021
x-envoy-upstream-service-time: 105
alt-svc: h3=":443"; ma=86400
content-length: 172863
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 09:38:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d0b6e1e50-FRA

GET
H2 200 865eb644-3fb2-44f5-bd2b-8422700d6edf.jpg
images.delfi.ee/media-api-image-cropper/v1/ 159 KB
160 KB 62ms
37ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/865eb644-3fb2-44f5-bd2b-8422700d6edf.jpg?noup&w=1264&h=711&ch=0.8471&cw=1&cx=0&cy=0.0095&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e57fb6f45f89bd71c4d0612550c88e64a84b5c21caf8d62fd72e865e0c5a0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6476
cf-polished: origSize=169083
x-envoy-upstream-service-time: 149
alt-svc: h3=":443"; ma=86400
content-length: 163059
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 09:57:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d0b721e50-FRA

GET
H2 200 5ee38c4d-7cdf-4d45-9679-6e358f5a6241.jpg
images.delfi.ee/media-api-image-cropper/v1/ 90 KB
90 KB 60ms
35ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/5ee38c4d-7cdf-4d45-9679-6e358f5a6241.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de406e103c7dd9c3ac930b8de94113787c0b1bdc85f0df4d2e5fb9d1b4bf4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2518
cf-polished: origSize=95297
x-envoy-upstream-service-time: 222
alt-svc: h3=":443"; ma=86400
content-length: 91936
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 10:46:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d0b681e50-FRA

GET
H2 200 2b6a1d97-c34e-48ad-b259-21c14dc478be.jpg
images.delfi.ee/media-api-image-cropper/v1/ 46 KB
47 KB 42ms
41ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/2b6a1d97-c34e-48ad-b259-21c14dc478be.jpg?noup&w=882&h=496&ch=0.8438&cw=1&cx=0&cy=0.0438&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182b666d7e37f39b237f761968bbf966600282f8c37222c7c75d3cbf74b6c418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8300
cf-polished: origSize=48407
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400
content-length: 47517
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 09:21:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bb61e50-FRA

GET
H2 200 9d0f9f33-718f-465d-9aa6-2ce6357c5510.jpg
images.delfi.ee/media-api-image-cropper/v1/ 150 KB
150 KB 39ms
38ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/9d0f9f33-718f-465d-9aa6-2ce6357c5510.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b4abc96f38fd63156f8720cf6bd932dab541369149dc73784cd2d6d112c974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9562
cf-polished: origSize=162646
x-envoy-upstream-service-time: 132
alt-svc: h3=":443"; ma=86400
content-length: 153194
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 09:19:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bb91e50-FRA

GET
H2 200 f0c95488-235c-4c3d-869f-8ec245a514e5.jpg
images.delfi.ee/media-api-image-cropper/v1/ 204 KB
204 KB 47ms
46ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/f0c95488-235c-4c3d-869f-8ec245a514e5.jpg?noup&w=1264&h=711

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7241fd620138faf28124dfe7856cbab2b97ee5905b27d86cf864ac2ca58c0704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50468
cf-polished: origSize=218882
x-envoy-upstream-service-time: 266
alt-svc: h3=":443"; ma=86400
content-length: 208890
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 22:01:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bba1e50-FRA

GET
H2 200 be2a40d6-a555-4767-980f-310aedfbe663.jpg
images.delfi.ee/media-api-image-cropper/v1/ 229 KB
229 KB 53ms
52ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/be2a40d6-a555-4767-980f-310aedfbe663.jpg?noup&w=1264&h=711&ch=0.8438&cw=1&cx=0&cy=0&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d123a20bf69d351ad9eb0415aa24808ab9bddf204a1b6174cf50e27691acfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12888
cf-polished: origSize=245884
x-envoy-upstream-service-time: 246
alt-svc: h3=":443"; ma=86400
content-length: 234437
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 08:19:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bbb1e50-FRA

GET
H2 200 a5905420-32a7-11ed-972b-6d5fc1c6929f.jpg
images.delfi.ee/media-api-image-cropper/v1/ 123 KB
123 KB 45ms
45ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/a5905420-32a7-11ed-972b-6d5fc1c6929f.jpg?noup&w=1264&h=711&ch=0.8438&cw=1&cx=0&cy=0.0838&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44491958b44f7487112c8446d7a90a8d2db6c4f3e3e7b4e6c13aedcdeaa93b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11215
cf-polished: origSize=129810
x-envoy-upstream-service-time: 253
alt-svc: h3=":443"; ma=86400
content-length: 126065
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 08:53:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bbf1e50-FRA

GET
H2 200 7525c76c-0389-47e3-b566-2307eb438856.jpg
images.delfi.ee/media-api-image-cropper/v1/ 96 KB
96 KB 37ms
36ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/7525c76c-0389-47e3-b566-2307eb438856.jpg?noup&w=1264&h=711&ch=1&cw=0.8853&cx=0.043&cy=0&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f5cb7273c103f1c2ceaf01f5ceb59c0c452e0c93ebb5e88df6e9eca1498510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14440
cf-polished: origSize=101484
x-envoy-upstream-service-time: 217
alt-svc: h3=":443"; ma=86400
content-length: 98362
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 07:37:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc01e50-FRA

GET
H2 200 54e22900-ddaa-11ed-988a-53d81badfccf.jpg
images.delfi.ee/media-api-image-cropper/v1/ 71 KB
71 KB 60ms
59ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/54e22900-ddaa-11ed-988a-53d81badfccf.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7e336b2be92684acc4ad5f4aee2d7ef29c8fabe64f63b1709e2fe9360859cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13797
cf-polished: origSize=74995
x-envoy-upstream-service-time: 92
alt-svc: h3=":443"; ma=86400
content-length: 72487
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 12:58:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc31e50-FRA

GET
H2 200 5ba5a6a0-bf13-11ed-9ca8-794e15b4d4d6.jpg
images.delfi.ee/media-api-image-cropper/v1/ 37 KB
37 KB 43ms
42ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/5ba5a6a0-bf13-11ed-9ca8-794e15b4d4d6.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80253a92d73b7a3287092b34118233df589b0452dae3df3d4abdea34a5a5a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14440
cf-polished: origSize=38317
x-envoy-upstream-service-time: 63
alt-svc: h3=":443"; ma=86400
content-length: 37742
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 12:28:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc41e50-FRA

GET
H2 200 90f2e280-0c5e-11ee-aba5-c90ba9a444a3.jpg
images.delfi.ee/media-api-image-cropper/v1/ 81 KB
81 KB 44ms
43ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/90f2e280-0c5e-11ee-aba5-c90ba9a444a3.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d96874c2e15707268b9593d99a7f619ecbcd972e83000bc5d7fedcaf0a17cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19679
cf-polished: origSize=85785
x-envoy-upstream-service-time: 243
alt-svc: h3=":443"; ma=86400
content-length: 82725
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Dec 2023 06:40:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc61e50-FRA

GET
H2 200 50834752-dc01-4e4b-8e87-963b3b8acb11.jpg
images.delfi.ee/media-api-image-cropper/v1/ 85 KB
85 KB 56ms
56ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/50834752-dc01-4e4b-8e87-963b3b8acb11.jpg?noup&w=1264&h=711

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6273e75080b0f348a773e73f53813c86795448824ecd42cc23ac366d35e20ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 90828
cf-polished: origSize=89186
x-envoy-upstream-service-time: 222
alt-svc: h3=":443"; ma=86400
content-length: 86627
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 09:25:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc71e50-FRA

GET
H2 200 af4799f5-d91d-486a-a6a9-90ca8cd13703.jpg
images.delfi.ee/media-api-image-cropper/v1/ 101 KB
102 KB 47ms
46ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/af4799f5-d91d-486a-a6a9-90ca8cd13703.jpg?noup&w=1264&h=711&ch=0.8437&cw=1&cx=0&cy=0.1563&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6e43cd0cff57e6fc851a9f897bfab6b41a84d0dac4789a800bc0717be9af2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 100122
cf-polished: origSize=105961
x-envoy-upstream-service-time: 253
alt-svc: h3=":443"; ma=86400
content-length: 103802
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 08:04:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc81e50-FRA

GET
H2 200 d5f0a25c-7024-4a01-b842-b44eee74349a.jpg
images.delfi.ee/media-api-image-cropper/v1/ 52 KB
52 KB 79ms
78ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/d5f0a25c-7024-4a01-b842-b44eee74349a.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a4f50e29e15a7181f732b7cf2c4f9d201e60d8ee72428e4120c821bd0cf815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=54140
x-envoy-upstream-service-time: 118
alt-svc: h3=":443"; ma=86400
content-length: 53451
cf-bgj: imgq:100,h2pri
last-modified: Sat, 09 Dec 2023 12:25:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d3bc91e50-FRA

GET
H2 200 5f25b256-14b4-4b9a-8402-d381e8814447.jpg
images.delfi.ee/media-api-image-cropper/v1/ 86 KB
87 KB 60ms
59ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/5f25b256-14b4-4b9a-8402-d381e8814447.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f664aab265b6ec930e07568008e9f69aa235f907a77b7a757ebe9d865632d5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 90314
cf-polished: origSize=90782
x-envoy-upstream-service-time: 112
alt-svc: h3=":443"; ma=86400
content-length: 88460
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Dec 2023 22:03:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d5bed1e50-FRA

GET
H2 200 2a018b51-075d-4d4e-9ea5-4aba4cce8c57.jpg
images.delfi.ee/media-api-image-cropper/v1/ 66 KB
66 KB 65ms
64ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/2a018b51-075d-4d4e-9ea5-4aba4cce8c57.jpg?noup&w=882&h=496

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7d2fb6a1ae4508350d83ecd0c7e495178b49ffef3ee51dcc6fb8731f52e7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 90314
cf-polished: origSize=69415
x-envoy-upstream-service-time: 78
alt-svc: h3=":443"; ma=86400
content-length: 67864
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 10:39:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d5bf11e50-FRA

GET
H2 200 afa904bf-607e-4725-a75b-5d9fbe08c439.jpg
images.delfi.ee/media-api-image-cropper/v1/ 63 KB
63 KB 58ms
57ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/afa904bf-607e-4725-a75b-5d9fbe08c439.jpg?noup&w=882&h=496&ch=0.7268&cw=1&cx=0&cy=0.2435&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a60f8217eb7a58d5c3b6869af0898fa3515f68313813f4d6918db3574c38fe99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 90210
cf-polished: origSize=66505
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=86400
content-length: 64591
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Dec 2023 09:56:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d5bf41e50-FRA

GET
H2 200 667a4112-0054-424e-b30b-c3eada5e8b79.jpg
images.delfi.ee/media-api-image-cropper/v1/ 58 KB
58 KB 60ms
59ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/667a4112-0054-424e-b30b-c3eada5e8b79.jpg?noup&w=882&h=496&ch=0.8438&cw=1&cx=0&cy=0.0581&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6608672b67f0941598aefcb6f43bc6cb5deee9ed3f4e7b9c38c0b6be1137cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 225976
cf-polished: origSize=60728
x-envoy-upstream-service-time: 170
alt-svc: h3=":443"; ma=86400
content-length: 59250
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Dec 2023 09:13:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d5bf61e50-FRA

GET
H2 200 8747c98b-20b0-42c1-b10a-387d22ec4d1e.jpg
images.delfi.ee/media-api-image-cropper/v1/ 53 KB
54 KB 64ms
63ms Image
image/jpg 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.delfi.ee/media-api-image-cropper/v1/8747c98b-20b0-42c1-b10a-387d22ec4d1e.jpg?noup&w=882&h=496&ch=0.3746&cw=1&cx=0&cy=0.12&r=16:9

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

157da6c7257ae9d3003ea2ee99d1ffab7f4cb2368efabf3d33be30f483ad1dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 225976
cf-polished: origSize=56090
x-envoy-upstream-service-time: 110
alt-svc: h3=":443"; ma=86400
content-length: 54665
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Dec 2023 05:22:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: public,max-age=604800
accept-ranges: bytes
cf-ray: 8345e00d5bf71e50-FRA

POST
H2 200 / Show response
sentry.aws.delfi.net/api/4/envelope/ 2 B
203 B 143ms
42ms Fetch
application/json 51.20.247.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.aws.delfi.net/api/4/envelope/?sentry_key=ac661c2055f546d9986ecd5f933479c7&sentry_version=7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.247.195 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-247-195.eu-north-1.compute.amazonaws.com
Software: sentry-relay/22.10.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://arileht.delfi.ee
date: Tue, 12 Dec 2023 12:12:22 GMT
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
server: sentry-relay/22.10.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 portal-root-et_EE-json.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/ 12 KB
5 KB 37ms
37ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/portal-root-et_EE-json.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815a1227b64fb88f47b74b91e1379f84b23adcdecd7aa883974e12a2e445038b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 1a425d1c4a67bd62cbf8d7a0405627da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: TLV50-C2
age: 25
cf-polished: origSize=12608
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: W/"d501d7b2ff46d3a97822580d2df960e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00ddca31e50-FRA
x-amz-cf-id: ryWaqjtzuw8Oj53uHtPtgmrhtwt7TuWS8fOX2ITXbhJRFFoeoE0PBw==

GET
H2 200 portal-Media-et_EE-json.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/ 149 B
323 B 36ms
36ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/portal-Media-et_EE-json.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd033d61e02c063b8187f8f28ea588391a4c6127e22c22f50dc003dd7402785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 25
cf-polished: origSize=201
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: W/"3a8e2195ac77e290ef76e9effffec97b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00ddca51e50-FRA
x-amz-cf-id: 1KPfIBjS_ZJZ-uSNLPfGJFcs9IlFkjXtkZS2Md7mgZneWl-UHXMTgA==

GET
H2 200 portal-piano-et_EE-json.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/ 447 B
680 B 32ms
32ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/portal-piano-et_EE-json.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3810b5992a5d12983e3d9f83d6de1adab980dc93fc6e49f7deb2c343cdd04bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 fadd210e8fada96866356688e5524d10.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 25
cf-polished: origSize=499
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: W/"94243473a8fd99106e9ac5ad132c5ab2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e00ddca71e50-FRA
x-amz-cf-id: ZYfYFM4y84q2Pr7apbjsdtKbxEAydpHmLOfaSZGd0eRUB1rAzzhbUg==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=arileht.delfi.ee

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3739648e245fd5b71fc68757e194288783c9c6a222baad2e3ed35e76a318bbf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137723
x-xss-protection: 0
server: cafe
etag: 16210367084134394559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 12:12:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 4434 9 KB
4 KB 72ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 04:04:50 GMT
etag: 5585625838579639069
expires: Tue, 26 Dec 2023 04:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 74ms
32ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 950
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8345e00e785b7185-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 12:12:22 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 37ms
37ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 950
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8345e00eb8917185-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 12:12:22 GMT

GET
H2 200 shared.html Show response
www.delfi.ee/ Frame B035 738 B
590 B 341ms
287ms Document
text/html 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.delfi.ee/shared.html

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b053b2fb86428fb09671accf4e899d71fd2ac3b14adf5f353435e2f6e7d7e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 8345e01078171e50-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 12:12:22 GMT
etag: W/"2e2-18c584c5618"
last-modified: Mon, 11 Dec 2023 09:54:07 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3

GET
H2 200 web Show response
onesignal.com/api/v1/sync/f1c5b422-1889-4f8a-8b21-dd8e34fa4412/ 3 KB
2 KB 36ms
35ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/f1c5b422-1889-4f8a-8b21-dd8e34fa4412/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ad942ea36b5098296140e65050989872b95bcfa4f4617cb13c5635c1cc7021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1758
cf-polished: origSize=3350
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 10cc6e84-3be3-40a8-b86b-a50fb5b85b51
x-runtime: 0.028457
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"44a41a49294569e9e5fb96b2ed6b56ea"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8345e00f19227185-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 12 Dec 2023 13:12:22 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E63 603 B
245 B 194ms
193ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5295995486288553&output=html&adk=1812271804&adf=3025194257&lmt=1702383121&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Farileht.delfi.ee%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702383142069&bpp=2&bdt=627&idt=239&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1294139748529&frm=20&pv=2&ga_vid=296251416.1702383142&ga_sid=1702383142&ga_hid=337052467&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C31079438%2C31079714%2C31079865%2C31079921%2C42532523%2C44785294%2C95320884&oid=2&pvsid=4067557831568727&tmod=2031781848&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5295995486288553&plah=arileht.delfi.ee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 12:12:22 GMT
expires: Tue, 12 Dec 2023 12:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jwplayer.js Show response
g.delfi.ee/libs/jwplayer/8.27.0/ 107 KB
40 KB 46ms
45ms Script
application/javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/libs/jwplayer/8.27.0/jwplayer.js
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 826b30aab9d32ae24380ee3315d9c77e3ca461f32c73a9fd5e87b03c617c9da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:27:49 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 07:32:53 GMT
server: DWS
age: 17073
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 41034
expires: Fri, 24 Nov 2023 19:26:33 GMT

POST
H3 200 get-server-cookie Show response
arileht.delfi.ee/api/ 37 B
286 B 273ms
272ms XHR
application/json 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arileht.delfi.ee/api/get-server-cookie

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42c0f8f346250ff215abbf141f82ce17d469f20bb5f38f7a0bc234060ae7b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"25-qJmWuWM8RaLc+STuXewd+AYs+bw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-envoy-upstream-service-time: 86
cf-ray: 8345e011ca4e3a4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 60.css
ee-production-portal-root.s3.delfi.ee/1.6.20/ 9 KB
2 KB 50ms
49ms Stylesheet
text/css 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/60.css

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

736a5d1495d44823bd8d68b3a7359aa573cf2a574f8401d83aca9a00816e708e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 8
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"cdafeeff2466ab2079444f1cb187a41d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e011da543a4f-FRA
x-amz-cf-id: wHaHOghYG1TxHnDP8iStDZc-2__YJ2XKE8Nh3zzptLMa0JTQc3LcPw==

GET
H3 200 60.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/ 15 KB
4 KB 55ms
55ms Script
application/javascript 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/60.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a894f0ad43876cac9f3a90993d69a16b9d858f7453587895378be06e8bd4f93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 8
cf-polished: origSize=15190
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"23c23524c05999b7267ce87d253159ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e011da593a4f-FRA
x-amz-cf-id: cGL1yGZ0bI3RiV67JWi9xjVAIipfvPM8vNdPxsJnaHwlOXXalOtOKA==

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 100ms
36ms Script
application/javascript 2606:4700:3030::6815:4222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TY8YVK8D2B2PDETM
age: 5275
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JMl3XnqndIiWz6BQUN636p0eKT/59GmUtCukSa3GDKpALvd3QBzUS2GQCr+Ry0oEJIkuid6Eq5Q=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jcn%2FVKwvNxUwprLxOohuVkHQEMHzQSWYNOBmHynIIv3JGnH01dKgJEfVD5JIt0xfOoQkU8I9ZtYzwNfJtqvJLOitmJbt%2BY0Yzv0AwGt%2FHEQAb8oyQMhXwt3u%2BAoT2s3oH49qZcM5QkM9ZRrCyHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 8345e012ae323661-FRA

GET
H2 200 stockCharts.js Show response
ee-production-portal-custom-page.s3.delfi.ee/arileht-custom-pages/js/ 334 KB
110 KB 242ms
187ms Script
application/javascript 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-custom-page.s3.delfi.ee/arileht-custom-pages/js/stockCharts.js

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5749f45aaca1e8b5ccdec6b1e56d6ad35aa73a2f2eeeccbddff58d2a4e9ad6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
via: 1.1 8313bbb5b34d1ea0742b64ffbb83b692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DUB56-P1
cf-polished: origSize=342418
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 09:52:52 GMT
server: cloudflare
etag: W/"f007508902631c89d8aa302e2c8aa08a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e012db451e50-FRA
x-amz-cf-id: g5rYw8Vcr4gd57wYK-LpdBS4sCzvhrH-TWTSuvdhYdzBUcJX2MGIuA==

GET
H3 200 vendors-list Show response
arileht.delfi.ee/api/ 432 KB
58 KB 46ms
46ms XHR
application/json 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arileht.delfi.ee/api/vendors-list?lang=et

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5235946422da9b1edfbec780cd58ab945cdbfd8077ee6e09ebb87c67e04287ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 16500
etag: W/"6c097-8ynEHvWWFUvLE6LYJq0qfa9OweY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=604800
x-envoy-upstream-service-time: 73
cf-ray: 8345e0128b273a4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 graphql Show response
content.api.delfi.ee/content/v3/ 38 KB
6 KB 209ms
209ms Fetch
application/json 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.api.delfi.ee/content/v3/graphql?operationName=portal_root_getUniversalHeadlines&variables=%7B%22orderBy%22%3A%22PUBLISH_AT%22%2C%22getCount%22%3Afalse%2C%22issueOnly%22%3A%22false%22%2C%22limit%22%3A10%2C%22channelId%22%3A%5B%22077cf08a-2055-11ec-9724-0242c0a88502%22%2C%22077cf3fb-2055-11ec-9724-0242c0a88502%22%5D%2C%22excludeCategories%22%3A92426755%2C%22contentMarketing%22%3A%22false%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221949bd56a095f57f4320b290fc950198b3c755a989ec9c01fab3e670696a9167%22%7D%7D

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da66774351177565f8ba7f02b7d1f322f0d04ec983659106c6e1206cb4738c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-correlation-id: 1abaf11f-8ea5-4977-bdb4-ee8ea9160441
cf-cache-status: BYPASS
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-tracking: c7432eeb1a09857eb7a378e3020a6cb6
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 59
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"9668-RkyFA2HhId0m5EjPgCs5xYPU/wI"
x-download-options: noopen
vary: x-subscriber, Authorization, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: max-age=60, public, stale-while-revalidate=180, stale-if-error=3600
cf-ray: 8345e0137d2292ad-FRA

OPTIONS
H2 204 graphql
content.api.delfi.ee/content/v3/ Frame 0
0 147ms
57ms Preflight 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://arileht.delfi.ee
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=86400
cf-ray: 8345e0131c9592ad-FRA
date: Tue, 12 Dec 2023 12:12:22 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 Category.css
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 1 KB
910 B 142ms
142ms Stylesheet
text/css 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Category.css

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0891ead8ab27cb24d82c1f726c3fd7a1389f74dd5b9dda6aeceb3f24678e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 28
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"708c63c11d49dad8ae99af1114381468"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e012bb683a4f-FRA
x-amz-cf-id: k88EfJwVUJEZ5bviQjFRUI9zIxrohX0__7CQJyC4rg7jhHtD3Rs5Ow==

GET
H3 200 Category.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 15 KB
5 KB 143ms
142ms Script
application/javascript 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Category.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2cc7085b2b5476499ee07e07a88a3af1796896f04e18d585e983cad4278543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 28
cf-polished: origSize=14975
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"ef5f97bbedddad55865423a3320caf1f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e012bb6b3a4f-FRA
x-amz-cf-id: uvUDFAbDs-U0UJAmIDzbtLqHwsgICLeuUbOG4_lyr7_x6jzfW6WH3Q==

GET
H3 200 ArticleBase.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 271 B
653 B 163ms
163ms Script
application/javascript 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/ArticleBase.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9507bd8b04ee11b5fde012b37daf115a293a1a4ff157817a955143fe88786d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 17
cf-polished: origSize=311
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"558796688afb214520dfe604c603af14"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e012bb6d3a4f-FRA
x-amz-cf-id: -a-dKPIXzRvA-nJ0fbm64ba-BgsGBEneLVgxpT-4C2JxGCkErkjshg==

GET
H3 200 Issue.css
ee-production-portal-root.s3.delfi.ee/1.6.20/page/Article/page/ 16 KB
4 KB 164ms
163ms Stylesheet
text/css 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Article/page/Issue.css

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f5e505f28797efc909944709635b192249f85998c874d4301f2c21353074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 17
cf-polished: origSize=16387
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"f14366591c794d1e6e5c4606895a2190"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e012bb6f3a4f-FRA
x-amz-cf-id: Q-qUx1xXPmU_IB4a1eVnnjOiX-hAwyQZNi0V9TbAS8nsDvx24tTwKg==

GET
H3 200 Issue.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/Article/page/ 103 KB
25 KB 165ms
164ms Script
application/javascript 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Article/page/Issue.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03f472cf09b3065a8c7bdf8e12fd98bfbca47f4bc4527cd0869e3a9556c696b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 17
cf-polished: origSize=105252
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"6b9b22d0e20310888f47a0ec35728e09"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e012bb703a4f-FRA
x-amz-cf-id: HN4W6Ny0q49MvuLiP6CkYDVM6opAUx_fgerHnb3b-pA31EUqJarHjA==

GET
H3 200 Article.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 4 KB
2 KB 207ms
207ms Script
application/javascript 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/Article.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2687ccfdf53fa7da0dd271c1c90c3c6ac78d7c43c420a777b487f1d36987fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 17
cf-polished: origSize=3723
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"5798c23d64c36e1eba95b026f742210a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e012bb723a4f-FRA
x-amz-cf-id: e5egu9Wdt0pjZo-YZSPbIp63r_FQS5KDikbcx3sNxJHYuY3HWCvBDg==

GET
H3 200 ArticleComments.css
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 2 KB
1 KB 208ms
208ms Stylesheet
text/css 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/ArticleComments.css

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17379233fa328879cb537f60256435d745deaec2184d1eff31864b2bcf8b8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 28
cf-polished: origSize=2038
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"859c98347c1989607411aaa23c6a4d8b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30
cf-ray: 8345e012bb743a4f-FRA
x-amz-cf-id: s_tJKVcbWTEBMUJP4WuHuY2mb6UbwERV8ebkxeauJWY4ZNuP5-ZhKw==

GET
H3 200 ArticleComments.js Show response
ee-production-portal-root.s3.delfi.ee/1.6.20/page/ 22 KB
7 KB 209ms
209ms Script
application/javascript 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ee-production-portal-root.s3.delfi.ee/1.6.20/page/ArticleComments.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdab92b87053737a75cce1e93dcfd750ded405bd8f44d0c2f309ba208d46e4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:22 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 28
cf-polished: origSize=22518
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 12:40:12 GMT
server: cloudflare
etag: W/"4cf905192dfa2ff31b0fdf4f09690649"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30
cf-ray: 8345e012bb783a4f-FRA
x-amz-cf-id: urWxC2c3oTb7c6rxzOVefjzRm_hm1RSr4syiWfaMxWrsWc8YsBmRAg==

GET
H2 200 load Show response
experience-eu.piano.io/xbuilder/experience/ 4 KB
2 KB 98ms
38ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience-eu.piano.io/xbuilder/experience/load?aid=WSdSTXR9pe

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e954ebcc501af41b14d99e5299d46ee6b6065a827a16726179e890d8917c8c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
date: Tue, 12 Dec 2023 12:12:22 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 11:28:35 GMT
server: cloudflare
age: 2627
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 8345e0134f1565c4-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: bgax7sspek
expires: Tue, 12 Dec 2023 12:42:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 11:48:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1449
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 13:48:14 GMT

GET
H2 200 / Show response
g.delfi.ee/scms/ 471 B
535 B 45ms
45ms Script
application/x-javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/scms/?g=t
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 46bfcc499b55652cd794cfe8e7cedf8c301f90784055eda4cc5ff77e1b2c8c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:01 GMT
content-encoding: gzip
last-modified: Thu, 13 Sep 2018 07:36:30 GMT
server: DWS
age: 21
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1800
accept-ranges: bytes
content-length: 324
expires: Tue, 12 Dec 2023 12:42:01 GMT

GET
H2 200 xgemius.js Show response
sgaee.hit.gemius.pl/ 68 KB
19 KB 209ms
57ms Script
application/x-javascript 188.68.250.247
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sgaee.hit.gemius.pl/xgemius.js
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.247 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h247.sprintdatacenter.net
Software: GHC /
Resource Hash: d5b60bf4d51231e778a1e628e709a16dbe59209f1b568ddb578bff691e3bce80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 12:57:59 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19510
expires: Wed, 13 Dec 2023 00:12:23 GMT

GET
H2 200 t.js Show response
s.delfi.ee/ 8 KB
4 KB 513ms
71ms Script
application/javascript 20.54.110.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.delfi.ee/t.js?instanced
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.54.110.135 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: tracker /
Resource Hash: 034759a545e372f8668347d5b9c8c6f1b32f6fed8249ff6df729ffb019e0aaf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
server: tracker
etag: "gz+A0dZpUXjcvhmg0fVucjG8bMvb+2CSf9t9yn/sBngqvA="
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
content-length: 3763

GET
H2 200 zwxr83yw.js Show response
l.getsitecontrol.com/ 433 B
1 KB 115ms
62ms Script
text/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/zwxr83yw.js
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 578df5aea91ff2cc8fb30ed380cc68137bf9f92ad755cfeb73d1e1c0929953bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: S2CPKXY1A46GTMMN
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/07/2023 19:01:25
cdn-pullzone: 89704
cross-origin-resource-policy: cross-origin
x-amz-id-2: biP44u4LLa+YktjpDiuWmKC/buYdSLVs34qX5/nHkJySVfgQUwYfrWjH35xxt6lgNxYZmq+xXbIWiQXZSFTJkw==
last-modified: Thu, 07 Dec 2023 15:50:33 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"8c50bae34ff7876eb80a9c6644cfcec4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: 6e3966b7e87fb97e17a5e5af729f1064
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET dhcdwcu0be
www.clarity.ms/tag/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
82 KB 81ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MPB3ST4

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ba57b1c8c3eb9cdb677bd07bef7acdaa326cc80ca004070607420b511016e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83456
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 12:12:23 GMT

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 111 KB
37 KB 68ms
26ms Script
application/x-javascript 2a02:26f0:ab00:385::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:385::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 76dabf55e3078e74adefdc33f8b6eff8bb3a6213dc75b9770a66d5a2efaafd50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 12:12:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 13:41:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37050
Expires: Tue, 12 Dec 2023 13:12:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 12:12:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8hkFGypa2gOoJLUIA2+dkUDqs5xNdi5ZZYjjGIZHA+6Ht/4UieZlXXf65HKW/NTICUKzLzhQ1GON6nqJlQ1w2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn-eu.piano.io/api/ 385 KB
114 KB 65ms
56ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-eu.piano.io/api/tinypass.min.js

Requested by

Host: experience-eu.piano.io
URL: https://experience-eu.piano.io/xbuilder/experience/load?aid=WSdSTXR9pe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27170653bb14a6d15c3d4c584b3e49be618baf2717d8129c32b16744d755e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
x-amz-version-id: SiBQ_lDrk0m7FZmRug3K92I2RSbGXwgv
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: 6MR5HXTYT2VQ0Q5R
age: 2773
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +StiDumr/NR0BN7SjwSnJhwszD+wc9mkFYGPvtwoeCkVYvZLHBXbnOPo61kY9QVAyOwrtQA+B3U=
last-modified: Mon, 11 Dec 2023 12:24:15 GMT
server: cloudflare
etag: W/"44d5416f388dff1076e4bf63443067c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8345e0139f8e65c4-FRA
expires: Tue, 12 Dec 2023 16:12:22 GMT

GET
H3 200 non-tcf-partners.json Show response
arileht.delfi.ee/api/ 2 KB
835 B 40ms
40ms XHR
application/json 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arileht.delfi.ee/api/non-tcf-partners.json?ids[]=864&ids[]=89&ids[]=108&ids[]=1205&ids[]=326&ids[]=2677&ids[]=2046

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffbbe56bf8e357b215eafea3a0c591db1bfb363bb956399f0d5a9c0398faca29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 98740
etag: W/"6ba-JA4ZLYKuNBFURzQ1BgV3aiJQQGI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=604800
x-envoy-upstream-service-time: 1
cf-ray: 8345e013dcc93a4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 delfi.svg
h.delfi.ee/g/l/svg/ 4 KB
2 KB 136ms
68ms Image
image/svg+xml 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.delfi.ee/g/l/svg/delfi.svg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 52036e323fca4d2cb6f0fee2d99bc0cff78cda2dfdded17e8280d92fc833e73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:25:00 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 08:24:55 GMT
server: DWS
age: 2842
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1686
expires: Fri, 03 Nov 2023 19:26:43 GMT

GET
H3 200 header_img_left.15c0824.png
ee-production-portal-root.s3.delfi.ee/img/ 4 KB
5 KB 43ms
43ms Image
image/webp 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ee-production-portal-root.s3.delfi.ee/img/header_img_left.15c0824.png

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477f890c25212cf16c7fe1fa8a9d17df73b5cd3197b2fc9e127dbdffd5e82af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
via: 1.1 2e6275c73445d58429e5205e011d70ba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
cf-polished: origFmt=png, origSize=8538
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-disposition: inline; filename="header_img_left.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4530
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: "15c0824b1861d08620ebf783c1460c3c"
vary: Accept
content-type: image/webp
cache-control: max-age=30
accept-ranges: bytes
cf-ray: 8345e013dcd13a4f-FRA
x-amz-cf-id: sNQ8RXcqppsAAkwKIwiMM9Q2jiksSZjE6XEenqRug0f9TWJZvS4QjQ==

GET
H3 200 header_img_right.bf34fab.png
ee-production-portal-root.s3.delfi.ee/img/ 5 KB
5 KB 53ms
53ms Image
image/webp 104.22.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ee-production-portal-root.s3.delfi.ee/img/header_img_right.bf34fab.png

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23946fba5e4d238c206c642d472e68c2485d953b81c4fe1b0b26dc2aae2c261c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee-production-portal-root.s3.delfi.ee/1.6.20/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
via: 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
cf-polished: origFmt=png, origSize=9460
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-disposition: inline; filename="header_img_right.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4908
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Dec 2023 12:40:13 GMT
server: cloudflare
etag: "bf34fabeaa2320127fda3d3acd2c4a00"
vary: Accept
content-type: image/webp
cache-control: max-age=30
accept-ranges: bytes
cf-ray: 8345e013dcd33a4f-FRA
x-amz-cf-id: GLcVolZlUkNVVjv1UD3wNYGIRTjdLLuYATsjZ79aSDJmoZkgfOFesQ==

GET
H2 200 _d
ts.delfi.ee/ 43 B
284 B 182ms
123ms Image
image/gif 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ts.delfi.ee/_d?s=delfi/economy&u=https%3A//arileht.delfi.ee/&h=&r=&t=1702383143023

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
cache-control: post-check=0, must-revalidate, no-store, no-cache, pre-check=0
accept-ranges: bytes
cf-ray: 8345e0145d3c1e50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=337052467&t=pageview&_s=1&dl=https%3A%2F%2Farileht.delfi.ee%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%C3%84rileht&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABEAAAACAAI~&jid=1322779470&gjid=2045231946&cid=296251416.1702383142&tid=UA-4729238-1&_gid=412405472.1702383143&_r=1&_slc=1&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=arileht.delfi.ee&cd7=et&cd8=Online%20vaade&cd9=&cd10=&cd11=logged%20out&cd12=&cd13=logged%20out&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&z=152721083

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b1f5b4961f8b88e8a881a4e4aa3678e5c2963c907953665e390cb1ed39426367

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arileht.delfi.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quotes-with-chart Show response
api.delfi.ee/finance-api/v1/query/ 129 KB
26 KB 248ms
228ms XHR
application/json 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.delfi.ee/finance-api/v1/query/quotes-with-chart

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158406018cfacf0d4ca02587865bbe39693e7c76f9cbe1dcef4197ca791938d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
x-correlation-id: 22831966-f5e9-4d68-9b89-473de96333a9
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: BYPASS
x-permitted-cross-domain-policies: none
x-tracking: 9637035b5429ae20e3935e20576d6f3a
content-encoding: br
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 115
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
cache-control: private, max-age=60
cf-ray: 8345e0144de892ad-FRA

GET
H2 200 chart.min.js Show response
g.delfi.ee/libs/chart.js/3.5.1/ 184 KB
64 KB 45ms
45ms Script
application/javascript 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/libs/chart.js/3.5.1/chart.min.js
Requested by: Host: ee-production-portal-custom-page.s3.delfi.ee
URL: https://ee-production-portal-custom-page.s3.delfi.ee/arileht-custom-pages/js/stockCharts.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 6c2dcb0990b029e7a163a4f87c58bd55f394d20ced51af92e1c9e422154f6791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:39:32 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 11:05:52 GMT
server: DWS
age: 41570
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 65222
expires: Fri, 24 Nov 2023 19:31:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4729238-1&cid=296251416.1702383142&jid=1322779470&gjid=2045231946&_gid=412405472.1702383143&_u=aAhAAEAAEAAAACAAI~&z=1649787818

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arileht.delfi.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C4YBSNESQ0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d139e63a31ed32f308b8ad343bcf4dfdc535fe8bda7bb7de6fac87255f26ff9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85412
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 12:12:23 GMT

GET
H/1.1 204
No Content /
c.cintnetworks.com/ 0
257 B 522ms
365ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/?a=2495&i=224&id=cxense_224:lq2ayw0g1ff3unnf
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 12:12:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Arr-Disable-Session-Affinity: true
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2 200 1884980121754918 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1884980121754918?v=2.9.138&r=stable&domain=arileht.delfi.ee

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce1fa55f73be7034974cf95ad72297f7e3a2adae69e23a7a2a58023f878f2b75

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 12:12:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37005
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: bTWncNyI92BMEhs+hGqUbg5i45nHu6sY/jEXwSLhavUD/nJm50I4xi3v9waQW0z4fBP4h19fO+s5cPkTvsA4Pw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 zwxr83yw.json Show response
l.getsitecontrol.com/ 154 KB
13 KB 62ms
19ms XHR
application/json 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/zwxr83yw.json
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 0b299842002799799e7def1c2caa713f43da3acf0403783954b8892be1dbc619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: 7G70M0K4JBPB3B9B
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/07/2023 15:50:36
cdn-pullzone: 89704
cross-origin-resource-policy: cross-origin
x-amz-id-2: s6lo66pQFtUPHzC11tJNoKXOXWxISjhqOAhKyNDZV/lN58LeySrqAjNwckXtwXIduADWCSj4HFY=
last-modified: Thu, 07 Dec 2023 15:50:33 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"f17709864b59a8c11e1ab128a9334f0a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
access-control-max-age: 3000
cdn-requestid: 28bde486f8ba2d3afe05ba2f0449e350
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/937236878/ 3 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937236878/?random=1702383143107&cv=11&fst=1702383143107&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9106640713&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Farileht.delfi.ee%2F&hn=www.googleadservices.com&frm=0&tiba=%C3%84rileht&auid=1976599315.1702383143&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPB3ST4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed008cabce5b88f6a4d603cb2f9bf32005ec1dbd1d80d95881898e232013ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verify Show response
id-eu.piano.io/id/api/v1/identity/token/ 194 B
546 B 45ms
37ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id-eu.piano.io/id/api/v1/identity/token/verify?browser_id=lq2ayw0g1ff3unnf&page_view_id=lq2ayw0g5pcu1x3x&content_type=website&page_title=%C3%84rileht&callback=jsonp6558&client_id=WSdSTXR9pe&site=https%3A%2F%2Farileht.delfi.ee

Requested by

Host: cdn-eu.piano.io
URL: https://cdn-eu.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6fb360360cb7b20b9cbab3efb77c449a28e62e9bc6c8bd0f7ffe6a7c7caaa5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: En8zj5sbxgP
pragma: no-cache
wn: prod-euc1-dash-10-4-146-54
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
server-time: 0.001
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8345e014a8f465c4-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 291ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1884980121754918&ev=PageView&dl=https%3A%2F%2Farileht.delfi.ee%2F&rl=&if=false&ts=1702383143136&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702383143135.1798454154&cs_est=true&ler=empty&it=1702383143097&coo=false&rqm=GET

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 12:12:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 273ms
45ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4729238-1&cid=296251416.1702383142&jid=1322779470&_u=aAhAAEAAEAAAACAAI~&z=1091542197

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 134ms
87ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4729238-1&cid=296251416.1702383142&jid=1322779470&_u=aAhAAEAAEAAAACAAI~&z=1091542197

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 graphql Show response
content.api.delfi.ee/content/v3/ 36 KB
6 KB 338ms
338ms Fetch
application/json 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.api.delfi.ee/content/v3/graphql?operationName=portal_root_getUniversalHeadlines&variables=%7B%22orderBy%22%3A%22VIEWS%22%2C%22getCount%22%3Afalse%2C%22issueOnly%22%3A%22false%22%2C%22limit%22%3A10%2C%22channelId%22%3A%5B%22077cf08a-2055-11ec-9724-0242c0a88502%22%2C%22077cf3fb-2055-11ec-9724-0242c0a88502%22%5D%2C%22excludeCategories%22%3A92426755%2C%22contentMarketing%22%3A%22false%22%2C%22viewsSince%22%3A%22SINCE_24_HOURS%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221949bd56a095f57f4320b290fc950198b3c755a989ec9c01fab3e670696a9167%22%7D%7D

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5ea05b02331d33a86e7799d69319700efecbb3516377e34d018ee60cc49f7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-correlation-id: 39c610d7-146e-49c0-981f-5ea1a15115e1
cf-cache-status: BYPASS
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-tracking: 6e03a5058cb85b18c928bb31a6edac84
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 191
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"9107-5Jrefrp2AQOt+l1teo0Jk4eHsHg"
x-download-options: noopen
vary: x-subscriber, Authorization, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: max-age=60, public, stale-while-revalidate=180, stale-if-error=3600
cf-ray: 8345e0151d324da4-FRA

OPTIONS
H3 204 graphql
content.api.delfi.ee/content/v3/ Frame 0
0 44ms
44ms Preflight 172.67.28.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.28.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://arileht.delfi.ee
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=86400
cf-ray: 8345e014dc974da4-FRA
date: Tue, 12 Dec 2023 12:12:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 execute Show response
c2-eu.piano.io/xbuilder/experience/ 2 KB
1 KB 54ms
40ms XHR
application/json 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-eu.piano.io/xbuilder/experience/execute?aid=WSdSTXR9pe

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b25592c4d82216e0110448e9505cce0234abc350c17a39fa7caceb45d63a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: 7jalfjdp47
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://arileht.delfi.ee
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8345e014f96365c4-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YG8VC2H8NV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPB3ST4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2058ba588897349694add7be8272833725df68aa3189d5f64aef9c631860477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 12:12:23 GMT

GET
H2 200 runtime.efcf714.js Show response
s2.getsitecontrol.com/widgets/es6/ 151 KB
52 KB 191ms
23ms Script
text/javascript 2400:52e0:1e00::1048:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.efcf714.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/zwxr83yw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1048:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1048 /
Resource Hash: 1bb7f12e7b84c62032481f3b0e5f88523cfc1bd34726b6014f0e4766fc4d7543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: br
cdn-edgestorageid: 1047
x-amz-request-id: WWJ3R0TEN9GWFQD8
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/10/2023 15:34:13
cdn-pullzone: 83560
cross-origin-resource-policy: cross-origin
x-amz-id-2: imOCnwVxPwu/lCP4TmqiD6vB/NxNEnCtXQZnjkAp7F+qw1xLzzpqu3CnIJhIwFwSvH3tCptcTN4=
last-modified: Fri, 10 Nov 2023 15:29:16 GMT
server: BunnyCDN-DE1-1048
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"c92a795e22565fe1a9b203c5003d2997"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=22809600
cdn-requestid: 548a008f52ec262bb7440878b0c7a390
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 039E 456 B
659 B 25ms
25ms Document
text/html 2a02:26f0:ab00:385::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:385::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Tue, 12 Dec 2023 12:12:23 GMT
Expires: Fri, 22 Dec 2023 12:12:23 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/937236878/ 42 B
455 B 187ms
33ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/937236878/?random=1702383143107&cv=11&fst=1702382400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9106640713&u_w=1600&u_h=1200&url=https%3A%2F%2Farileht.delfi.ee%2F&frm=0&tiba=%C3%84rileht&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_l-Oj0BsyPKTRee2yGAl9X7JOXy1pO7mOpjDayiDJ9F2MIkGl&random=3926763954&rmt_tld=0&ipr=y

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/937236878/ 42 B
455 B 55ms
55ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/937236878/?random=1702383143107&cv=11&fst=1702382400000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9106640713&u_w=1600&u_h=1200&url=https%3A%2F%2Farileht.delfi.ee%2F&frm=0&tiba=%C3%84rileht&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_l-Oj0BsyPKTRee2yGAl9X7JOXy1pO7mOpjDayiDJ9F2MIkGl&random=3926763954&rmt_tld=1&ipr=y

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 166ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C4YBSNESQ0&_ono=1&gtm=45je3bt0v9137946043&_p=1702383142951&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&tcfd=10001&ul=en-us&sr=1600x1200&cid=296251416.1702383142&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Farileht.delfi.ee%2F&dp=%2F&dt=%C3%84rileht&sid=1702383143&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_6=arileht.delfi.ee&ep.ua_dimension_7=et&ep.ua_dimension_8=Online%20vaade&ep.ua_dimension_11=logged%20out&ep.ua_dimension_13=logged%20out&ep.ua_dimension_14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&tfd=2139
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4YBSNESQ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arileht.delfi.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-C4YBSNESQ0&cid=296251416.1702383142&gtm=45je3bt0v9137946043&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4YBSNESQ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arileht.delfi.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
44ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-C4YBSNESQ0&cid=296251416.1702383142&gtm=45je3bt0v9137946043&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1352706937

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 2D1A 1 KB
2 KB 159ms
38ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=562978&mkw=channel_vue,channel_arileht,logged_out,channel_frontpage,arileht_frontpage&mkv=channel:arileht,user_type:m-tellija,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:arileht_001,chn_fp_pos:arileht_001&adid=e53372b9-733b-4e38-8b6a-e53d5094cc40

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b7185d3639d780da209bf5cf0e4c39017df400412bcd3bced5930d28e12adfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 039E 111 KB
37 KB 29ms
29ms Script
application/x-javascript 2a02:26f0:ab00:385::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:385::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 385a3321b0c214d7b4476729aa33f296aa1b8458de7f777d5965f8b70a8c97d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 12:12:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 13:41:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37050
Expires: Tue, 12 Dec 2023 13:12:23 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 102ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YG8VC2H8NV&gtm=45je3bt0v9106677257z89106640713&_p=1702383142951&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=296251416.1702383142&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702383143&sct=1&seg=0&dl=https%3A%2F%2Farileht.delfi.ee%2F&dt=%C3%84rileht&en=page_view&_fv=1&_ss=1&ep.page_type=frontpage&ep.is_paid_article=&ep.user_logged_in=false&ep.user_product_type=Empty&tfd=2195
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG8VC2H8NV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arileht.delfi.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 27ms
27ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YG8VC2H8NV&cid=296251416.1702383142&gtm=45je3bt0v9106677257z89106640713&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG8VC2H8NV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arileht.delfi.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YG8VC2H8NV&cid=296251416.1702383142&gtm=45je3bt0v9106677257z89106640713&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1237640365

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 roboto-v29-latin-ext_latin_cyrillic-500.woff2
g.delfi.ee/fonts/roboto/ 49 KB
49 KB 46ms
46ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/roboto/roboto-v29-latin-ext_latin_cyrillic-500.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/roboto/roboto.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75

Request headers

Referer: https://g.delfi.ee/fonts/roboto/roboto.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:08:26 GMT
last-modified: Wed, 23 Feb 2022 07:47:34 GMT
server: DWS
age: 236
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 50460
expires: Fri, 24 Nov 2023 19:26:21 GMT

GET
H2 200 roboto-v29-latin-ext_latin_cyrillic-500italic.woff2
g.delfi.ee/fonts/roboto/ 54 KB
54 KB 385ms
385ms Font
font/woff2 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://g.delfi.ee/fonts/roboto/roboto-v29-latin-ext_latin_cyrillic-500italic.woff2
Requested by: Host: g.delfi.ee
URL: https://g.delfi.ee/fonts/roboto/roboto.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: dbf75b2439fc8d49e8eb9405fb91bd40286c643adfb882abf1800ec525a0fa3d

Request headers

Referer: https://g.delfi.ee/fonts/roboto/roboto.css
Origin: https://arileht.delfi.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:06:09 GMT
last-modified: Wed, 23 Feb 2022 07:47:34 GMT
server: DWS
age: 373
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 55096
expires: Thu, 11 Jan 2024 03:20:34 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 13 KB
3 KB 93ms
93ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTQ1MTA3NSZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9hcmlsZWh0LGxvZ2dlZF9vdXQsY2hhbm5lbF9mcm9udHBhZ2UsYXJpbGVodF9mcm9udHBhZ2UmbWt2PWNoYW5uZWw6YXJpbGVodCx1c2VyX3R5cGU6bS10ZWxsaWphLG5ldHdvcms6NGcsc2NyZWVuX3dpZHRoOjE2MDAsc2NyZWVuX2hlaWdodDoxMjAwLGxvY2FsZTpldF9FRSxwb3NpdGlvbjpwb3NfMDAxLGNobl9wb3M6YXJpbGVodF8wMDEsY2huX2ZwX3BvczphcmlsZWh0XzAwMQ&bWlkPTU2OTI3MCZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9hcmlsZWh0LGxvZ2dlZF9vdXQsY2hhbm5lbF9mcm9udHBhZ2UsYXJpbGVodF9mcm9udHBhZ2UmbWt2PWNoYW5uZWw6YXJpbGVodCx1c2VyX3R5cGU6bS10ZWxsaWphLG5ldHdvcms6NGcsc2NyZWVuX3dpZHRoOjE2MDAsc2NyZWVuX2hlaWdodDoxMjAwLGxvY2FsZTpldF9FRSxwb3NpdGlvbjpwb3NfMDAxLGNobl9wb3M6YXJpbGVodF8wMDEsY2huX2ZwX3BvczphcmlsZWh0XzAwMQ&bWlkPTY1MTAwOSZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9hcmlsZWh0LGxvZ2dlZF9vdXQsY2hhbm5lbF9mcm9udHBhZ2UsYXJpbGVodF9mcm9udHBhZ2UmbWt2PWNoYW5uZWw6YXJpbGVodCx1c2VyX3R5cGU6bS10ZWxsaWphLG5ldHdvcms6NGcsc2NyZWVuX3dpZHRoOjE2MDAsc2NyZWVuX2hlaWdodDoxMjAwLGxvY2FsZTpldF9FRSxwb3NpdGlvbjpwb3NfMDAxLGNobl9wb3M6YXJpbGVodF8wMDEsY2huX2ZwX3BvczphcmlsZWh0XzAwMQ&adid=e53372b9-733b-4e38-8b6a-e53d5094cc40&url=https%3A%2F%2Farileht.delfi.ee%2F&callback=_adform_cb_1702383143409_07597094049033215

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8056cb1dc61efa278eac29585bf75d4118502d5e0429cabdcdd311d2fbecfe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 039E 45 B
634 B 158ms
25ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: cdb9a87ef2c2d184ffc990fe214009de53329cafa4ae63d91b2ab4878feba269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Mon, 12 Jun 2023 12:12:23 GMT
server: Jetty(9.4.28.v20200408)
etag: znybgy4evgwnntadc9553qls
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 45
expires: Thu, 12 Dec 2024 12:12:23 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 2D1A 62 KB
26 KB 50ms
50ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=562978&mkw=channel_vue,channel_arileht,logged_out,channel_frontpage,arileht_frontpage&mkv=channel:arileht,user_type:m-tellija,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:arileht_001,chn_fp_pos:arileht_001&adid=e53372b9-733b-4e38-8b6a-e53d5094cc40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 06:47:18 GMT
server: nginx
x-amz-request-id: tx00000173ebccfd2c15d9e-006461d90b-3295a825-default
etag: W/"cd30185b4774b9eb12ea46ca45e76972"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 events Show response
events.getsitectrl.com/api/v1/ 525 B
773 B 387ms
118ms Fetch
text/plain 34.200.73.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.73.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-73-183.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: 633643395f3282d7988147e469b172e4750ef88ada3b546da1975bbc42e4601c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 525

GET
H2 200 csc-event
s.delfi.ee/ 37 B
223 B 72ms
72ms Image
image/gif 20.54.110.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.delfi.ee/csc-event?p=0%3Alq2aywc8%3Aqq_AvITbgPHcNOtgJgoiSFJZH9NdSOqb&s=0%3Alq2aywc8%3ABJveNa5qQqfAlBiTKFlRgJfqrJ_TTLe_&v=0%3AMH4sAELt7VVtwIxzqruf1~_uEMAos7fl&e=0%3APMToFmE9KtLA3ogFU0oZ3ilDaXP75seC0&c=lq2aywca&n=t&f=t&l=https%3A%2F%2Farileht.delfi.ee%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&a=none&x=39jjjn
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.54.110.135 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: tracker /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: tracker
etag: "6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate
content-length: 37
expires: Fri, 14 Apr 1995 11:30:00 GMT

GET
H2 200 csc-event
s.delfi.ee/ 37 B
223 B 70ms
70ms Image
image/gif 20.54.110.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.delfi.ee/csc-event?p=0%3Alq2aywc8%3Aqq_AvITbgPHcNOtgJgoiSFJZH9NdSOqb&s=0%3Alq2aywc8%3ABJveNa5qQqfAlBiTKFlRgJfqrJ_TTLe_&v=0%3ATR1sZlNcblnUEzV7zRSWrYlqiNZJ3_7p&e=0%3AFVruGmrEY~ts_PGiN1iI9p_ukR_tQFAF0&c=lq2aywcb&n=f&f=f&l=https%3A%2F%2Farileht.delfi.ee%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&a=none&x=-t3j3bq
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.54.110.135 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: tracker /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: tracker
etag: "6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate
content-length: 37
expires: Fri, 14 Apr 1995 11:30:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 279D 37 KB
17 KB 52ms
51ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 70fa7d6af1775ea7cbb76511f73b02a74a55c965b1956e7cc5ef3798871badca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:30 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 279D 43 B
145 B 69ms
21ms Image
image/gif 18.192.242.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=adform
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.242.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.adform.net/ Frame 279D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1

43 B
163 B

168ms
33ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 279D
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4594740078877378484

43 B
162 B

119ms
36ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=16&adform_pc=4594740078877378484
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
an-x-request-uuid: 1fc03844-0f58-4999-9b41-70fe46b3458d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.adform.net/pixel?adform_pid=16&adform_pc=4594740078877378484
x-proxy-origin: 84.19.175.183; 84.19.175.183; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 279D
Redirect Chain

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
https://cm.adform.net/pixel?adform_pid=18&adform_pc=fb5d74b3-b67e-4764-afe7-858c4192453e

43 B
162 B

119ms
36ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=18&adform_pc=fb5d74b3-b67e-4764-afe7-858c4192453e
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://cm.adform.net/pixel?adform_pid=18&adform_pc=fb5d74b3-b67e-4764-afe7-858c4192453e
Date: Tue, 12 Dec 2023 12:12:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 scroller.js Show response
s1.adform.net/Banners/Elements/Files/146996/3171744/ Frame 8081 571 B
740 B 51ms
50ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/146996/3171744/scroller.js?bn=69864856;v=1
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9f4f1d7abcc0736bf3c2a2acd22407f5cd35c93717c5c4084994e835bad77f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 07:43:30 GMT
server: nginx
x-amz-request-id: tx000003afcd018eb91b207-0065780927-3295f919-default
etag: W/"3314495fbf4ce40a807ecad3395a7f72"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 sync
x.bidswitch.net/ Frame 8081 43 B
146 B 67ms
20ms Image
image/gif 18.192.242.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=adform
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.242.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.adform.net/ Frame 8081
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1

43 B
162 B

168ms
34ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 8081
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
https://cm.adform.net/pixel?adform_pid=16&adform_pc=6132315279969385889

43 B
162 B

146ms
65ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=16&adform_pc=6132315279969385889
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
an-x-request-uuid: a365170a-8589-4df4-a510-eb75cde561f2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.adform.net/pixel?adform_pid=16&adform_pc=6132315279969385889
x-proxy-origin: 84.19.175.183; 84.19.175.183; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 8081
Redirect Chain

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
https://cm.adform.net/pixel?adform_pid=18&adform_pc=de36d233-b7b0-46f3-8b7c-edcb85adbc02

43 B
162 B

147ms
64ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=18&adform_pc=de36d233-b7b0-46f3-8b7c-edcb85adbc02
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://cm.adform.net/pixel?adform_pid=18&adform_pc=de36d233-b7b0-46f3-8b7c-edcb85adbc02
Date: Tue, 12 Dec 2023 12:12:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 siteheader.js Show response
s1.adform.net/Banners/Elements/Files/146996/2932089/ Frame DCC6 811 B
849 B 51ms
51ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/146996/2932089/siteheader.js?bn=69932513;v=1
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5797691548eb8ee126ca300c213860aac9a5c967f1066e301cffc03aa13e060e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 07:43:23 GMT
server: nginx
x-amz-request-id: tx000000644d30b87e42be7-0065780534-3295f919-default
etag: W/"7715ed5f0b0462f8eb60724f0194cf9d"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 sync
x.bidswitch.net/ Frame DCC6 43 B
145 B 34ms
21ms Image
image/gif 18.192.242.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=adform
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.242.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.adform.net/ Frame DCC6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1

43 B
162 B

152ms
34ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGs4xd3UWUuLHlpdkIkiZ7k&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame DCC6
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
https://cm.adform.net/pixel?adform_pid=16&adform_pc=4876918172063648353

43 B
162 B

128ms
35ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=16&adform_pc=4876918172063648353
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
an-x-request-uuid: d2805fa9-2a64-4297-8b74-c58bc6418c84
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.adform.net/pixel?adform_pid=16&adform_pc=4876918172063648353
x-proxy-origin: 84.19.175.183; 84.19.175.183; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame DCC6
Redirect Chain

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
https://cm.adform.net/pixel?adform_pid=18&adform_pc=ac51bd77-d149-492d-85f1-99187e07604e

43 B
162 B

90ms
37ms

Image
image/gif

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=18&adform_pc=ac51bd77-d149-492d-85f1-99187e07604e
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://cm.adform.net/pixel?adform_pid=18&adform_pc=ac51bd77-d149-492d-85f1-99187e07604e
Date: Tue, 12 Dec 2023 12:12:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 fpdata.js Show response
sgaee.hit.gemius.pl/ 277 B
392 B 112ms
112ms Script
application/x-javascript 188.68.250.247
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sgaee.hit.gemius.pl/fpdata.js?href=arileht.delfi.ee
Requested by: Host: sgaee.hit.gemius.pl
URL: https://sgaee.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.68.250.247 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h247.sprintdatacenter.net
Software: GHC /
Resource Hash: 8ec4d333199c9e00f2d74e0302b46d04bf6534a5eb3e943f0afade70dd56d3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 277
expires: Thu, 11 Jan 2024 12:12:23 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 50BA 5 KB
3 KB 217ms
40ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: sgaee.hit.gemius.pl
URL: https://sgaee.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 861a7f546a6b6cba4307c6f74136599a1e5e65fd0d4d831baaa72c46cbd4303c

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 12:12:23 GMT
etag: PRIVATE7520710249
expires: Thu, 11 Jan 2024 12:12:23 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 279D 7 KB
4 KB 38ms
38ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=69853091;rtbwp=MTRhkF1PPcQ1;rtbdata=zDPfQtTlILnjU3OJuMsdHYeRMMrYq9PZ8sWqOzVDkrRgUZNIp2gU9Ip-BrszzkeaxUevr5m4nEk34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2;csid=136310;pui=q40_VW_NVZahp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-5ebTSA5qm6pkMulKNnmtZSp3KnSrg04G_zSCVerUuBpA7z_uuw_WOM1;adxvars=urelBd_zVwCM9QP9cOrD5f5t_s1uY5mt6fPKT-Zp67NiDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSHMh3OHwSJiLowhrNV_yKs921n-q0k8fi46_MWAQoTaCAtLbjGYx1qb5qQ5eDETz_nFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfz0mgD_wwrCniZ794-K4sUn0;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;;js=1;adfxid=1x;2859;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Farileht.delfi.ee%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

525e4a56eb4f14488e0bba6c42c99331732bde77fa8e44557453233efe7e9089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3805
expires: -1

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 8081 37 KB
17 KB 49ms
49ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 70fa7d6af1775ea7cbb76511f73b02a74a55c965b1956e7cc5ef3798871badca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:30 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame DCC6 37 KB
17 KB 58ms
58ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 70fa7d6af1775ea7cbb76511f73b02a74a55c965b1956e7cc5ef3798871badca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:30 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 039E 43 B
468 B 313ms
26ms Image
image/gif 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.42&typ=pgv&rnd=lq2ayw5fkshbc3cw&sid=1145189970857384309&loc=https%3A%2F%2Farileht.delfi.ee%2F&new=0&arf=0&ltm=1702383143236&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lq2ayw5g8xsmtlp8&ckp=lq2ayw0g1ff3unnf&glb=&cp_userState=anon&cp_channel=arileht&cp_platform=Online%20vaade&cp_page_type=Frontpage&cp_user_logged_in=no&cp_has_user_package=no&cp_gem_id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&cst=znybgy4evgwnntadc9553qls
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 102 B
675 B 180ms
26ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lq2ayw0g1ff3unnf%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22znybgy4evgwnntadc9553qls%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22znybgy4evgwnntadc9553qls%22%7D%5D%2C%22siteId%22%3A%221145189970857384309%22%2C%22location%22%3A%22https%3A%2F%2Farileht.delfi.ee%2F%22%7D&callback=cXJsonpCB1

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

87b5199b58b097e2ec92938bf044b13fc1dd5dc3fcf16bc5e7f8b56859b9b30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 102
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 8081 10 KB
5 KB 39ms
38ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=69864856;rtbwp=17nOlXG9bA41;rtbdata=qLXum2p1o-SIx4E20qX4pM8EcRrXrPt2a1HjJy5WwjsSgb4uBtizh4p-Brszzkeatbm7gTk-Dnw34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2;csid=94578;pui=q40_VW_NVZahp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-5ebTSA5qm6pkMulKNnmtZSp3KnSrg04G_zSCVerUuBpA7z_uuw_WOM1;adxvars=urelBd_zVwCKVLeYHk8ZZZmWAqhYS0FPjSGWuTZri39iDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSHRjIKsHUdpZUSAF-Sk4eq5vaIBvpCMrVDepw2usyjXBssY__8I9Rn-8-wWkU7tDPXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfx01TvioFKa8Edulz8D_qAd0;adxcmd=lDbNZc6D8EBxWXp_eBE_5w2;;js=1;adfxid=2x;7311;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Farileht.delfi.ee%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fa626a718dcdd89a9697c651e08e97b50716ec927e11f12faf682ee43d895f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4884
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame DCC6 9 KB
5 KB 38ms
38ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=69932513;rtbwp=vR5KWVVM5-81;rtbdata=zDPfQtTlILlXNJOZUu2Sv5b3EfWiQ6QRSMPPtoq8saiaYXGdg6Q7iIp-BrszzkeaD8GeUHYXp2k34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2;csid=87883;pui=q40_VW_NVZahp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-5ebTSA5qm6pkMulKNnmtZSp3KnSrg04G_zSCVerUuBpA7z_uuw_WOM1;adxvars=urelBd_zVwCX7q1wCkmFo7YsWfBRwDmf6fPKT-Zp67NiDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSND5w7pWBM3SborE0wM5z7TOYKbjfhdCj2j__u5kGqOt--Moj7f2GTllJ0QIrUe_VXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfywHGz6B6dJ1w2;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;;js=1;adfxid=3x;9052;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Farileht.delfi.ee%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a6c945db83be989d633f3907401de4849f83d3d982b1f6f9d1517f2195db49ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4867
expires: -1

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 279D 86 KB
37 KB 51ms
50ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a5e0104d6421cf17fc1312b0190e7c5357a59c10dad1d9bbd3b48b1d3aa30985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:32 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame DCC6 92 KB
39 KB 51ms
51ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: af541fd9954b90e074496298934147b23d36e2837cbb5699f31902418df305bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:32 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 279D 35 B
592 B 37ms
37ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=69853091&csi=4d5WLmQp7o7Y-BsMcrBlbB9DVA-jExg8N2Ou4ZG2JOPEIcui-QmKxV0qFnTWM42EgSeFSZ7VRaxUS9h0tFkz_EZZp18-t1bklrAl0tFivmKrXRbOFnztb4t-1Ef8TKdEJnixhjcaQ328jqTQ3yLCxQ2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 61499607.jpg
s1.adform.net/Banners/61499607/ Frame 279D 125 KB
125 KB 64ms
64ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/61499607/61499607.jpg?bv=3
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cf1a60e9d45aaff00e8e410bcecbeb3a2d23859ee2da52fff2fceda8c7bdce69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Mon, 27 Nov 2023 11:15:41 GMT
server: nginx
x-amz-request-id: tx00000a8b4d83ecef137cd-006577dc7f-32959ea8-default
etag: "0ace7634bb76963ed8c166257aaa015b"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 127571

GET
H2

200

rexdot.js Show response
sgaee.hit.gemius.pl/__/_1702383143795/
Redirect Chain

https://sgaee.hit.gemius.pl/_1702383143795/rexdot.js?l=106&sendf=24&id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Faril...
https://sgaee.hit.gemius.pl/__/_1702383143795/rexdot.js?l=106&sendf=24&id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fa...

169 B
547 B

157ms
157ms

Script
application/x-javascript

188.68.250.247
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sgaee.hit.gemius.pl/__/_1702383143795/rexdot.js?l=106&sendf=24&id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Farileht.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=BRcWfXLSILKYu6aO1zTF8XSD4Nhl4ZaQZY7HBchaszj.975.LLTac_ayxraIFDl9lCSBwoaEED3fdgtV78UIIyO.P1Gg/euGEraLmLETZ0/&fpdata=nHaxA4LuF4IZSTfPlljcHMvsuM083inNTCXU8QT2Jk..E7&ltime=228&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65784e2721bf6731&brts=1702383143&fpcap=
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Server: 188.68.250.247 Olsztyn, Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n8250h247.sprintdatacenter.net
Software: GHC /
Resource Hash: 537e0b63ecf730e3e6fb321e791ffde12476709b5154e539788c0e27cf3b5bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 11 Dec 2023 12:12:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1702383143795/rexdot.js?l=106&sendf=24&id=bQpLaYM3mH790HMJOUEDQpbf38NsfG8AWpbIJBniDHP.c7&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Farileht.delfi.ee%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=BRcWfXLSILKYu6aO1zTF8XSD4Nhl4ZaQZY7HBchaszj.975.LLTac_ayxraIFDl9lCSBwoaEED3fdgtV78UIIyO.P1Gg/euGEraLmLETZ0/&fpdata=nHaxA4LuF4IZSTfPlljcHMvsuM083inNTCXU8QT2Jk..E7&ltime=228&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65784e2721bf6731&brts=1702383143&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 11 Dec 2023 12:12:23 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame DCC6 35 B
592 B 38ms
38ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=69932513&csi=Q8tFaLnugrd1-CapPCsHmF7SyWG-zfcWn3PtGoS9w8gCSGHUPR3ExFpHImruH5n_PlH7mBl6fYnWS-hZf2VcV_ggU40yua0zcIivAh7f685oHSUMOPlU4EfzY1g1cEwSE5YfP-SjAp0au94oJsHc8Q2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 close2016.png
g.delfi.ee/b/ 2 KB
2 KB 45ms
45ms Image
image/png 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/b/close2016.png
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:22:34 GMT
last-modified: Mon, 05 Sep 2016 13:54:18 GMT
server: DWS
age: 2988
content-type: image/png
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 1684
expires: Fri, 24 Nov 2023 19:26:33 GMT

GET
H2 200 Floating Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:types/ Frame 8081 111 KB
47 KB 47ms
47ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:types/Floating
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cb913a2a4ed3a4b752bdf98fecf64aa5dcf3f46f3fba2c89bc936e0e9d64bf18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 10:45:40 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Dec 2023 15:49:32 GMT

GET
H2 200 13955944.js Show response
s1.adform.net/Banners/Elements/Files/2068607/13955944/main/ Frame 9DF0 3 KB
1 KB 53ms
52ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2068607/13955944/main/13955944.js?ADFassetID=13955944&bv=770
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0846bbba2be93e676a32eeca7d7e199b0fc5575dbe53a5c91c6a8ed646fd453c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 09:27:02 GMT
server: nginx
x-amz-request-id: tx000009ae2298800a303b9-0065780534-3295cc06-default
etag: W/"d1aea751cef496ddebe0e6142f4d1041"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 imp Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
136 B 134ms
23ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/imp?adId=810036&bnId=61499607&pId=451075&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383143854&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&impRndId=63kg25ivns7krhw1&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 9DF0 30 KB
14 KB 43ms
43ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx00000df74e44f68a2232d-00655c671a-3295cc06-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 200 /
track.adform.net/csimpr/ Frame 8081 35 B
592 B 38ms
38ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=69864856&csi=0XTeOTnIBkkIH3gbjW33HZ94I8FrSQnAQaGRZDL-mvMCSGHUPR3ExFpHImruH5n_PlH7mBl6fYnWS-hZf2VcV_ggU40yua0zcIivAh7f685oHSUMOPlU4Hh8iTER_u_4E5YfP-SjAp0au94oJsHc8Q2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 imp Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 70ms
24ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/imp?adId=811049&bnId=61537092&pId=651009&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383143918&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&impRndId=seliz2k9eu6qj1te&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:23 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H2 200 14050996.jpg
s1.adform.net/Banners/Elements/Files/2068607/ Frame 9DF0 129 KB
129 KB 46ms
46ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2068607/14050996.jpg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b5ceebabfae007853fb18a6940f95083cee9dcafa7891c103c27cf4411e29370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:23 GMT
last-modified: Thu, 07 Dec 2023 07:55:34 GMT
server: nginx
x-amz-request-id: tx00000efad146b597eb18e-0065780535-329558a4-default
etag: "ac18ab2a78e0dd58a63d1d1bcc5808c0"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 131603

GET
H2

200

/
dmp.adform.net/serving/cookie/match/
Redirect Chain

https://csyn-r.cxense.com/?cxsite=1145189970857384309&partnerId=csr&cxckp=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=12s7c48z1mkng2q939k2jsbds

35 B
591 B

138ms
37ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1077&cid=12s7c48z1mkng2q939k2jsbds

Requested by

Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1077&cid=12s7c48z1mkng2q939k2jsbds
date: Tue, 12 Dec 2023 12:12:24 GMT
strict-transport-security: max-age=31600
server: Jetty(9.4.28.v20200408)
content-length: 108

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 8081 35 B
592 B 37ms
37ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=69864856&event=24&time=0&baid=61507711&asid=13989190&name=Floating%20Banner%20Shown&imprid=3161173771587372022&icid=8066695428259644148&eData=0XTeOTnIBklfKdmnTAHgNoMmXwnyV--oNv9eZnf1nu2hp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-5ebTSA5qm6pkMulKNnmtZTQz0DwC08FpeZ-btoQ-20zaOJDsqAYsG41&adxvars=urelBd_zVwCKVLeYHk8ZZZmWAqhYS0FPjSGWuTZri39iDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSHRjIKsHUdpZUSAF-Sk4eq5vaIBvpCMrVDepw2usyjXBssY__8I9Rn-8-wWkU7tDPXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfx01TvioFKa8Edulz8D_qAd0&rtbdata=qLXum2p1o-SIx4E20qX4pM8EcRrXrPt2a1HjJy5WwjsSgb4uBtizh4p-Brszzkeatbm7gTk-Dnw34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2&rtbwp=17nOlXG9bA41&rnd=867417713

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 13989190.js Show response
s1.adform.net/Banners/Elements/Files/2029728/13989190/main/ Frame CF09 978 B
889 B 41ms
40ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2029728/13989190/main/13989190.js?ADFassetID=13989190&bv=514
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 89af0bb6af72eb533322e596deb7238dcbafbbcbb566953222d339cec663ac7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 13:21:25 GMT
server: nginx
x-amz-request-id: tx0000032202ff575d9342d-006578091f-32959ea8-default
etag: W/"c7d4d619f03b89d6478b6e9a39eecc7b"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame CF09 30 KB
14 KB 46ms
45ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:types/Floating
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:24 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx00000df74e44f68a2232d-00655c671a-3295cc06-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 style.css
s1.adform.net/Banners/Elements/Files/2029728/13989190/main/bvpath_514/css/ Frame CF09 2 KB
887 B 43ms
43ms Stylesheet
text/css 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2029728/13989190/main/bvpath_514/css/style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:types/Floating
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cb7d4b6defac029139f3ead2887c67528d65814ec12d46d6933590be69b39999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 13:21:25 GMT
server: nginx
x-amz-request-id: tx000007fbacc380281bd18-006578091f-329558a4-default
etag: W/"bd8aa0a91bfc85ecc857c844e41a8503"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 main.js Show response
s1.adform.net/Banners/Elements/Files/2029728/13989190/main/bvpath_514/js/ Frame CF09 4 KB
2 KB 46ms
46ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2029728/13989190/main/bvpath_514/js/main.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.237/e/.gSBgiLQ/i/vCAv.IAAAAAUAA/r:AdConstructor:types/Floating
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 658c24a761f1cd67cd477a948235f1cf41ae27701c644672a362e807a5f52e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 13:21:25 GMT
server: nginx
x-amz-request-id: tx00000cbd35f1994c6eb6e-006578091f-3295f919-default
etag: W/"82f7e874cc99ad1ffe3ab90a896d75b5"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 close2016.png
g.delfi.ee/b/ Frame CF09 2 KB
2 KB 45ms
45ms Image
image/png 185.20.100.194
EKSPRESS-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.delfi.ee/b/close2016.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2029728/13989190/main/bvpath_514/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.20.100.194 , Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS: proxy3.delfi.ee
Software: DWS /
Resource Hash: 43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:22:34 GMT
last-modified: Mon, 05 Sep 2016 13:54:18 GMT
server: DWS
age: 2989
content-type: image/png
cache-control: max-age=3024000
accept-ranges: bytes
content-length: 1684
expires: Fri, 24 Nov 2023 19:26:33 GMT

GET
H2 200 13989191.jpg
s1.adform.net/Banners/Elements/Files/2029728/ Frame CF09 37 KB
37 KB 41ms
41ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2029728/13989191.jpg
Requested by: Host: arileht.delfi.ee
URL: https://arileht.delfi.ee/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c936bab6447d59093b9f353ef7779430ae119ae03a0ab247e40a7ca5f2661f97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:24 GMT
last-modified: Fri, 24 Nov 2023 13:21:25 GMT
server: nginx
x-amz-request-id: tx00000ed4acbc65de9406a-006578091f-32959ea8-default
etag: "5b9788d91daeb0fc1942819a9f0b9968"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37923

GET
H2 200 imp Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 46ms
46ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/imp?adId=810220&bnId=61507711&pId=569270&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383144211&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&impRndId=wlcl4wfv6kccbw06&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:24 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

POST
H2 200 /
track.adform.net/serving/unload/ Frame DCC6 35 B
592 B 38ms
37ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=UZb5um3V8DHa-VshTtuxNtqhhyX-Gb3TA3u4BjtylkChZalnLXkxpfpGHUapO8XAbxt5hZ7Tvs81_gBuFiiU7m8beYWe077PH_SVFy5caZs-ovpKSfkpcRW5FXyk8xqIKb0WaSrG8yc1&unload=8066695428259644148@@69932513,6853422599469618283,100|1193|0|0|0|0|0|0|0||398|0|||||1|0|0|7agifP6FxX55lT90q-mtzbiR0rE5YRp7h6CUF6vwCip01WGWOhHuW_P_QLnf0NKMbd3htCAcPy0m-sHAnsnM3o5E0LoartvVSm9BAzhlkbRkAW6OdCBF7A2|urelBd_zVwCX7q1wCkmFo7YsWfBRwDmf6fPKT-Zp67NiDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSND5w7pWBM3SborE0wM5z7TOYKbjfhdCj2j__u5kGqOt--Moj7f2GTllJ0QIrUe_VXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfywHGz6B6dJ1w2|1|11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame DCC6 35 B
592 B 74ms
74ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=69932513&event=178&time=2&baid=61537092&name=Viewable%20impressions&imprid=6853422599469618283&icid=8066695428259644148&eData=Q8tFaLnugrfY0EDGv75RjoMmXwnyV--oNv9eZnf1nu2hp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-5ebTSA5qm6pkMulKNnmtZTAsNCbM0zcYuZ-btoQ-20zaOJDsqAYsG41&adxvars=urelBd_zVwCX7q1wCkmFo7YsWfBRwDmf6fPKT-Zp67NiDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSND5w7pWBM3SborE0wM5z7TOYKbjfhdCj2j__u5kGqOt--Moj7f2GTllJ0QIrUe_VXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfywHGz6B6dJ1w2&rtbdata=zDPfQtTlILlXNJOZUu2Sv5b3EfWiQ6QRSMPPtoq8saiaYXGdg6Q7iIp-BrszzkeaD8GeUHYXp2k34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2&rtbwp=vR5KWVVM5-81&rnd=625528221

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame DCC6 35 B
592 B 73ms
73ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8066695428259644148@@69932513,6853422599469618283,100|1194|0|0|0|0|0|0|0||398|0|||||1|0|0|7agifP6FxX55lT90q-mtzbiR0rE5YRp7h6CUF6vwCip01WGWOhHuW_P_QLnf0NKMbd3htCAcPy0m-sHAnsnM3o5E0LoartvVSm9BAzhlkbRkAW6OdCBF7A2|urelBd_zVwCX7q1wCkmFo7YsWfBRwDmf6fPKT-Zp67NiDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSND5w7pWBM3SborE0wM5z7TOYKbjfhdCj2j__u5kGqOt--Moj7f2GTllJ0QIrUe_VXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfywHGz6B6dJ1w2|1|01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 in-screen Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 23ms
23ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=811049&bnId=61537092&pId=651009&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383145388&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&timeOnScreen=1&v_imp=true&impRndId=seliz2k9eu6qj1te&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:25 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8081 35 B
592 B 38ms
37ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=iNb542k7olna-VshTtuxNlgQX6DhI_sg9eF2K4zSQk2UbkpL68yn8LxDDLEgm7oa0&unload=8066695428259644148@@69864856,3161173771587372022,100|1200|0|800|1150|0|0|0|0||25|0|||||1|0|0|5BzuTrqCA5N5lT90q-mtzbiR0rE5YRp7h6CUF6vwCip01WGWOhHuW_P_QLnf0NKMbd3htCAcPy0m-sHAnsnM3sHKVeABgQI-vJxzIiY8XeFkAW6OdCBF7A2|urelBd_zVwCKVLeYHk8ZZZmWAqhYS0FPjSGWuTZri39iDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSHRjIKsHUdpZUSAF-Sk4eq5vaIBvpCMrVDepw2usyjXBssY__8I9Rn-8-wWkU7tDPXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfx01TvioFKa8Edulz8D_qAd0||11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 8081 35 B
592 B 74ms
73ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=69864856&event=178&time=2&baid=61507711&name=Viewable%20impressions&imprid=3161173771587372022&icid=8066695428259644148&eData=0XTeOTnIBklfKdmnTAHgNoMmXwnyV--oNv9eZnf1nu2hp-Fzl9785JN-mhkbkpjh0D8PKyfwokWfLLaY_RKe-5ebTSA5qm6pkMulKNnmtZTQz0DwC08FpeZ-btoQ-20zaOJDsqAYsG41&adxvars=urelBd_zVwCKVLeYHk8ZZZmWAqhYS0FPjSGWuTZri39iDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSHRjIKsHUdpZUSAF-Sk4eq5vaIBvpCMrVDepw2usyjXBssY__8I9Rn-8-wWkU7tDPXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfx01TvioFKa8Edulz8D_qAd0&rtbdata=qLXum2p1o-SIx4E20qX4pM8EcRrXrPt2a1HjJy5WwjsSgb4uBtizh4p-Brszzkeatbm7gTk-Dnw34HjPpnDlWVfnU3avbAe0x4cAr1A-4NTNlGfiu3_geu4YynDhWUT2SO0fVM7Vjj9ZwU-UIQ9rHw2&rtbwp=17nOlXG9bA41&rnd=796015014

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8081 35 B
592 B 39ms
38ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8066695428259644148@@69864856,3161173771587372022,100|1201|0|800|1150|0|0|0|0||25|0|||||1|0|0|5BzuTrqCA5N5lT90q-mtzbiR0rE5YRp7h6CUF6vwCip01WGWOhHuW_P_QLnf0NKMbd3htCAcPy0m-sHAnsnM3sHKVeABgQI-vJxzIiY8XeFkAW6OdCBF7A2|urelBd_zVwCKVLeYHk8ZZZmWAqhYS0FPjSGWuTZri39iDhEr789bvPIprxFE-EGSuwilsM2RsZy8WyaPj0xiSHRjIKsHUdpZUSAF-Sk4eq5vaIBvpCMrVDepw2usyjXBssY__8I9Rn-8-wWkU7tDPXFNbdWUUaeH25CsXkRpVsyCjJqe4QfC4I3LJ7n1FiZVrzGImiaayGYwrrvSecdk_IEa5NjvKxbtRetD1MqfAi3xHv-msnX9AsjSzb5OON7V0KaT4vFO-unVjYKC6UcGm2HQ2GIyTed7gMbPNq93IijCLILfokDY3sZ3LjYsZbk-Tl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcjQ2qIeGwbiNi91BTUmBR4njsnMjdaoSExvYRwcFD_YPbJ6ZPZxXbGIIDuBGjLcqfx01TvioFKa8Edulz8D_qAd0||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://arileht.delfi.ee
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 in-screen Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 253ms
253ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=810220&bnId=61507711&pId=569270&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383145789&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&timeOnScreen=1&v_imp=true&impRndId=wlcl4wfv6kccbw06&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:26 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H2 200 sdk-runtime-config.js Show response
buy-eu.piano.io/api/v3/anon/assets/ 266 B
706 B 109ms
48ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-eu.piano.io/api/v3/anon/assets/sdk-runtime-config.js?aid=WSdSTXR9pe

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4382b1d8c70af30af66f16fbbf7a7f6ccd6de6f9401b557e68d62181da91fbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://arileht.delfi.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:26 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Eq8zj5s22AJ
wn: prod-euc1-dash-10-4-145-221
last-modified: Tue, 12 Dec 2023 07:58:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
cf-ray: 8345e028ac9fbb7f-FRA
expires: Tue, 12 Dec 2023 16:12:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 414ms
70ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c107137d1af2c5b68310bf9b3b598d4ca7da3ddec657827f01cbb308efb8d193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11974
x-xss-protection: 0

GET
H2 200 segment Show response
api.cxense.com/profile/user/ 166 B
692 B 95ms
30ms Script
text/javascript 167.235.124.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCB2&persisted=b04a959c2ea64c1ef725a6abb04ccecbbd9e6671&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22lq2ayw0g1ff3unnf%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0002.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

9b144eb9360cd74529982ef7ce0b2cc4630de16ec5810f8281edebd3a00aa489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 12:12:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 166
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 22ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1884980121754918&ev=CxSegments&dl=https%3A%2F%2Farileht.delfi.ee%2F&rl=&if=false&ts=1702383146629&cd[segmentIds]=8msoz891pzwg%2C8mt7ihdvwgr1%2C8n42hqlatmtu%2C8nffug5nx7e8%2C8nqgnd255ftt%2C8nqixztc4wiw%2Ciu6x268ylosz&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702383143135.1798454154&ler=empty&it=1702383143097&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 12:12:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 131ms
83ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 12:12:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0174 13 KB
5 KB 255ms
254ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 11:00:07 GMT
expires: Wed, 11 Dec 2024 11:00:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E7F4 829 B
982 B 32ms
31ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2694b2ec87b21b5f47912798a2d7f30a28956833e50ac1d6ee4db2935702a43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lZ7UJquEW418XZgcupwMFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arileht.delfi.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lZ7UJquEW418XZgcupwMFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 12:12:27 GMT
expires: Tue, 12 Dec 2023 12:12:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E7F4 0
0 115ms
114ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4067557831568727&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0174 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 08:50:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0174 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-uRhqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:12:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 in-screen Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 23ms
23ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=811049&bnId=61537092&pId=651009&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383147799&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&timeOnScreen=2&impRndId=seliz2k9eu6qj1te&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:27 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4067557831568727&bg=!oqGloe7NAAY3kmNgF5I7ADQBe5WfOBoWRPyTz8zWGlae4GEk5jPCfrjIzTUbg9YM8OMsk2vXj0mtRUESiq3QdVNQrKxoAgAAAEdSAAAAAmgBBwoANE8JE1XpVh5MZHtSAikZLJclsUyp5RWyCPVHQU21HissSn6FtPyo8uu46oAHUdxusaS78SeZAvMdmK0Z3OALrPVp6Y_jywio560r1IdqNZ8kYBd9vfF_L4oE_0fAZrSthDyHA-ZG2swdTI3H11j6W58BzD4IlZGBMQ3HZy9yH5Ez8xTJG9MAkafMNXqvF1K7XntrmqWP3vUX3rB7WR8DrUbb6U5sncp2av9TbGLSpazVi7vAHj3wMc2LJk1Ryyg3vcoJhEsT0VNOpxFzdD3NXfHFGo_LJGsTwRUgHTndHIptV3z_BU10p0pKqUYUmZXc730RGyYmIkmPn15PekJoWRsdNFCPnBY7VEPTmcN7ry674fMnS4JNn8j3N3sg85Ot9YgGD-mrn4f3Qp4hlIj6daP9Fx2XTQ4gF1WvHywryblPLXlZ3EWEmWCb_OJNhJy92ZwQ69dDXg6etMWnvDCTPhVx0EzwKBojN6kafbzr-8yNFLAtW-A8cJNHXYxmyFqm4XDAZmXcKNhH7brB4fWxkw2jFmSxFUgCpMckjv9tDBt1IFjuCf7IHXXdObYL31ljuYjWk7jqGvrPF4qtUEjcMoX4FdAOleHfSiST670FgEa7KJy9_7vt9Fm8BRZC6m540jaAiXL9bAJNaicIlCroFOa_3u4nUKovHUbWc9Hpm2TQL-qOxlK5tp586D0tL8xLAs9PXh6DgMshLX4TA70g494K_3EKANG8KTsAZ5s1MUxyqXviKIxtWNWYGloASYZe0flJWXfGFcihe3smVDam7RThycDVAQDDKwbvf5v-3cSvcpPT-Lh-DFlf3Ju6By91awTurp1Weri_HPCSCV9qIWqrWOwMl7Q4XL3GDxdETi6S4YmFGz8DcuZIscix5rAKokVMHavg9NURbQj_5ZBQCxjov9x-Nz5AfcRaQgnYPoEdL8F_59L7db2df1HScSe4ZTukfLhUU_ZP66GNbD0fS50aVpJGlNLmyA6RLqdhOquyBenSGFbMrRgiA6q8FFNYPUc-PdWZwMABaagwWh9E9i4biLc6rCGHtp995rSnfapCeIFEWm26G6qh8A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 in-screen Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 23ms
23ms XHR
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/in-screen?adId=810220&bnId=61507711&pId=569270&location=https%3A%2F%2Farileht.delfi.ee%2F&t=%C3%84rileht&cb=1702383148200&siteId=1145189970857384309&cxId=cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7&cxprnd=lq2ayw5fkshbc3cw&configId=22&timeOnScreen=2&impRndId=wlcl4wfv6kccbw06&evid=cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
Requested by: Host: ee-production-portal-root.s3.delfi.ee
URL: https://ee-production-portal-root.s3.delfi.ee/1.6.20/vendors/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arileht.delfi.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 12:12:28 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/dhcdwcu0be

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.delfi.ee/	1970-01-21 01:38:39	Name: delfi-adid Value: e53372b9-733b-4e38-8b6a-e53d5094cc40%2C1702383141851%2C1702383141851
.onesignal.com/	1970-01-20 16:53:04	Name: __cf_bm Value: mFyDAmYrHoHYDAv6o4Nni6Nl5mY_E0PYBjqFxMNWyuY-1702383142-1-AYB5CFGt94UEA2oa8q0C0O9E9p/JABOYAj81vikCGSvmNIPs2BC1PqpZw7gs8cYrESViBwy7cys+xU03hEUHAxA=
.piano.io/	1970-01-20 16:53:04	Name: __cf_bm Value: zrsUJVmcfCcZZZ99xrShJSYNFeYNrXuRoBuWSSCNtho-1702383142-1-AY9um8URlIyGgRIYS7Lg7tOt7WWLgSREw2rhPwV9WOQKfo7/GauiOhJ/dS7EwpsZD4+7yqlCkvrfGyo270eYfXw=
.delfi.ee/	1970-01-20 16:54:29	Name: _gid Value: GA1.2.412405472.1702383143
.delfi.ee/	1970-01-20 16:53:03	Name: _gat Value: 1
arileht.delfi.ee/	1969-12-31 23:59:59	Name: LANG Value: et_EE
.delfi.ee/	1970-01-21 02:21:51	Name: _pcid Value: %7B%22browserId%22%3A%22lq2ayw0g1ff3unnf%22%7D
arileht.delfi.ee/	1970-01-20 16:53:03	Name: __adblocker Value: false
.delfi.ee/	1970-01-21 02:21:51	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWAVg4AcATiEB2AAwDeogMwDuM8UJABfIA
.delfi.ee/	1970-01-21 02:21:51	Name: cX_P Value: lq2ayw0g1ff3unnf
.delfi.ee/	1970-01-20 19:02:39	Name: _gcl_au Value: 1.1.1976599315.1702383143
.delfi.ee/	1970-01-20 19:02:39	Name: _fbp Value: fb.1.1702383143135.1798454154
.doubleclick.net/	1970-01-21 02:14:39	Name: IDE Value: AHWqTUlXjenqQkaMkYCQyh6DZe71moXx1b9sZ-uSQ0LXtbj3OY3aLNt-n-Hoe-Fu
.delfi.ee/	1970-01-20 17:36:15	Name: __pid Value: .delfi.ee
arileht.delfi.ee/	1970-01-20 19:02:39	Name: __pnahc Value: 0
.delfi.ee/	1970-01-21 01:38:39	Name: dcid Value: 3686134819,1,1733919143,1702383143,8104d446273348632cbe29cd89421bc0
.delfi.ee/	1970-01-21 02:29:03	Name: _ga_C4YBSNESQ0 Value: GS1.2.1702383143.1.0.1702383143.60.0.0
.delfi.ee/	1970-01-21 02:29:03	Name: __tbc Value: %7Bkpex%7DwyIA2PklWk_5db5AvXH46gzsiX5YsvpDYt1TMAltlBIIcCNO67tQQMLCra_XCAjs
.delfi.ee/	1970-01-20 17:36:15	Name: __pat Value: 7200000
.delfi.ee/	1970-01-20 16:54:29	Name: __pvi Value: eyJpZCI6InYtMjAyMy0xMi0xMi0xMy0xMi0yMy0wNzAtSURvRlFpTlhqbTlHZExJUC0xZjU4Y2VkNDEwMmM1NTMxY2E3YTI2YTgwMzUwMmIwMyIsImRvbWFpbiI6Ii5kZWxmaS5lZSIsInRpbWUiOjE3MDIzODMxNDMyNjl9
.delfi.ee/	1970-01-21 02:29:03	Name: xbc Value: %7Bkpex%7DcS2Gsf06TzOkFrj7MmRzvF7CKyX0hGPVQaf31hJUnz8wel5Vf1qMZpUQ_7cb-mG30jvmgEOXlEMOtcWpcyim8CbeIvJ9FNUigBKOSyG-lRzLJYpufnjBamBIv8ThEOsN
.delfi.ee/	1970-01-21 02:29:03	Name: _ga_YG8VC2H8NV Value: GS1.1.1702383143.1.0.1702383143.60.0.0
.delfi.ee/	1970-01-21 02:29:03	Name: _ga Value: GA1.1.296251416.1702383142
.adform.net/	1970-01-20 18:19:27	Name: uid Value: 8066695428259644148
s.delfi.ee/	1969-12-31 23:59:59	Name: _edcCORS Value: 148335f6410c126576114ae1dae5177d
s.delfi.ee/	1969-12-31 23:59:59	Name: _edc Value: 148335f6410c126576114ae1dae5177d
.delfi.ee/	1970-01-20 16:53:03	Name: _edid Value: 0:lq2aywc8:BJveNa5qQqfAlBiTKFlRgJfqrJ_TTLe_
.delfi.ee/	1970-01-21 02:29:03	Name: _edt Value: 0:lq2aywc8:qq_AvITbgPHcNOtgJgoiSFJZH9NdSOqb
.adform.net/	1970-01-20 18:19:27	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 17:03:07	Name: TPC Value: 1702383143588
.adnxs.com/	1970-01-20 19:02:39	Name: uuid2 Value: 6132315279969385889
.adsby.bidtheatre.com/	1970-01-20 17:03:07	Name: __kuid Value: ac51bd77-d149-492d-85f1-99187e07604e.471597143
.delfi.ee/	1970-01-21 02:21:51	Name: cX_G Value: cx%3A12s7c48z1mkng2q939k2jsbds%3A3q2cg4pxgv3m7
arileht.delfi.ee/	1970-01-20 19:02:39	Name: evid_00XX Value: cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
.delfi.ee/	1970-01-21 02:21:51	Name: __gfp_64b Value: nHaxA4LuF4IZSTfPlljcHMvsuM083inNTCXU8QT2Jk..E7\|1702383143
.hit.gemius.pl/	1970-01-20 17:03:07	Name: Gtest Value: KlxtRRXGQMGGQUe2yxhLSM2UssGMXP8c25nSGsLMlt4BXBG.
.cxense.com/	1970-01-21 01:38:39	Name: gckp Value: cx:12s7c48z1mkng2q939k2jsbds:3q2cg4pxgv3m7
.hit.gemius.pl/	1970-01-21 02:21:51	Name: Gdyn Value: KlxhXMaGQMGGQUe2yxhLSM2UssGMXP8c25nSGsLMlt4BFRxSG7RrGS6GNLctFlMMYH7hRjBGqSRxSG8.
.hit.gemius.pl/	1970-01-21 02:21:51	Name: Gdynp Value: ba_xMxDJUHKlb8pFlL8YUC86uF1XtwMh7vDUpqvbV7j.Q7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1884980121754918?v=2.9.138&r=stable&domain=arileht.delfi.ee(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://www.clarity.ms/tag/dhcdwcu0be Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adx.adform.net
api.cxense.com
api.delfi.ee
arileht.delfi.ee
buy-eu.piano.io
c.cintnetworks.com
c2-eu.piano.io
cdn-eu.piano.io
cdn.cxense.com
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
comcluster.cxense.com
connect.facebook.net
content.api.delfi.ee
csyn-r.cxense.com
dmp.adform.net
ee-production-portal-custom-page.s3.delfi.ee
ee-production-portal-root.s3.delfi.ee
events.getsitectrl.com
experience-eu.piano.io
g.delfi.ee
googleads.g.doubleclick.net
h.delfi.ee
ib.adnxs.com
id-eu.piano.io
id.cxense.com
images.delfi.ee
l.getsitecontrol.com
ls.hit.gemius.pl
match.adsby.bidtheatre.com
onesignal.com
p1cluster.cxense.com
pagead2.googlesyndication.com
region1.analytics.google.com
s.delfi.ee
s1.adform.net
s2.getsitecontrol.com
scdn.cxense.com
sentry.aws.delfi.net
sgaee.hit.gemius.pl
stats-collector.cxense.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
ts.delfi.ee
www.clarity.ms
www.delfi.ee
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
x.bidswitch.net
www.clarity.ms
104.22.74.73
142.250.185.194
146.59.30.96
167.235.124.23
167.235.124.24
167.235.124.59
172.67.28.62
18.192.242.138
185.20.100.194
185.89.210.212
188.166.17.21
188.68.250.247
20.54.110.135
2001:4860:4802:32::36
2400:52e0:1e00::1048:1
2400:52e0:1e00::1082:1
2606:4700:3030::6815:4222
2606:4700::6811:c276
2606:4700::6811:c376
2606:4700::6812:d73b
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9c
2a02:26f0:ab00:385::268b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.200.73.183
37.157.4.29
37.157.5.73
37.157.5.84
37.157.6.233
51.144.7.192
51.20.247.195
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
034759a545e372f8668347d5b9c8c6f1b32f6fed8249ff6df729ffb019e0aaf0
0846bbba2be93e676a32eeca7d7e199b0fc5575dbe53a5c91c6a8ed646fd453c
0b299842002799799e7def1c2caa713f43da3acf0403783954b8892be1dbc619
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
128fe826f7377e487b7bf20d8a42b8f6c5acdb47def31508215d4e2a92a4e3a7
12a40b8d278e4c06e144e9474990b8dfb3bb5b2a424995d9ef7491e221a3fb74
157da6c7257ae9d3003ea2ee99d1ffab7f4cb2368efabf3d33be30f483ad1dab
158406018cfacf0d4ca02587865bbe39693e7c76f9cbe1dcef4197ca791938d3
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
17b32322c5a1b687c198ac0d49f5b2eda3e8dedbedfdc010543840b855306432
182b666d7e37f39b237f761968bbf966600282f8c37222c7c75d3cbf74b6c418
1bb7f12e7b84c62032481f3b0e5f88523cfc1bd34726b6014f0e4766fc4d7543
1f4a93acd6eee48d66e7b64e5f8631ea21b6190d013ee7b85debf7ad35efe424
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2104d9aaf5fcab52fe117d506a269f558e21e3f42f3f454259ad1c5c9c64f918
23946fba5e4d238c206c642d472e68c2485d953b81c4fe1b0b26dc2aae2c261c
24b4abc96f38fd63156f8720cf6bd932dab541369149dc73784cd2d6d112c974
2a4f50e29e15a7181f732b7cf2c4f9d201e60d8ee72428e4120c821bd0cf815c
2d123a20bf69d351ad9eb0415aa24808ab9bddf204a1b6174cf50e27691acfe5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3739648e245fd5b71fc68757e194288783c9c6a222baad2e3ed35e76a318bbf0
385a3321b0c214d7b4476729aa33f296aa1b8458de7f777d5965f8b70a8c97d3
39235861d9bc9a21651d032048c05298d7018a1a70de913b10fd48902e0cd339
3c0ad20ae45f1d4f63e2221c62145aecec2274ca544c2d9a976fbb13656b8825
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e57fb6f45f89bd71c4d0612550c88e64a84b5c21caf8d62fd72e865e0c5a0e5
40eb4049038f295d2363a23fc2d41e547df791b6e01c0316534421d65ffc80e2
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
4382b1d8c70af30af66f16fbbf7a7f6ccd6de6f9401b557e68d62181da91fbff
43ad942ea36b5098296140e65050989872b95bcfa4f4617cb13c5635c1cc7021
43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44491958b44f7487112c8446d7a90a8d2db6c4f3e3e7b4e6c13aedcdeaa93b3c
4480dd9c50ef6b44672d16290c1a2b4901e3d19350a4dffdff54de6a505f66cf
44cf1d01b1191b0e352d26b0689908f284ae6922b56cd33b7824287008545a73
46ab61748e150272aab5c0224e72d0c8a3c6df9f40277db62a52f9f7b02ee637
46bfcc499b55652cd794cfe8e7cedf8c301f90784055eda4cc5ff77e1b2c8c98
477f890c25212cf16c7fe1fa8a9d17df73b5cd3197b2fc9e127dbdffd5e82af0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52036e323fca4d2cb6f0fee2d99bc0cff78cda2dfdded17e8280d92fc833e73c
5235946422da9b1edfbec780cd58ab945cdbfd8077ee6e09ebb87c67e04287ed
525e4a56eb4f14488e0bba6c42c99331732bde77fa8e44557453233efe7e9089
537e0b63ecf730e3e6fb321e791ffde12476709b5154e539788c0e27cf3b5bf8
5381eb127a4bb32967d39083c6c376d410a4da1177b77cb17544e2f272791f86
542bc78090fbaf2abb14730934eaf457bd836fcaa63a27a02e342fd9c292e441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560bdccee876b5a023db9bc53c2522c5df93ed761f9a39499a829aa01b8523cf
578df5aea91ff2cc8fb30ed380cc68137bf9f92ad755cfeb73d1e1c0929953bd
5797691548eb8ee126ca300c213860aac9a5c967f1066e301cffc03aa13e060e
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b64dc048da92305621cdfa9e21c7ecd2908029a3adc84d94dfc6540bd688fc3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633643395f3282d7988147e469b172e4750ef88ada3b546da1975bbc42e4601c
63d96874c2e15707268b9593d99a7f619ecbcd972e83000bc5d7fedcaf0a17cb
63fbe25c1b424661f9e901e7cb1c20ef4a3b65de588d890cc0e3edd846e37adc
6528ec0e1bac4881919c73b50a89927cfb53ec26e990f096b00468393eaf9ce5
658c24a761f1cd67cd477a948235f1cf41ae27701c644672a362e807a5f52e90
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
6c2dcb0990b029e7a163a4f87c58bd55f394d20ced51af92e1c9e422154f6791
6f60b024b9991c6c8235adc277353ad6624bfa4f2c3384e1ee1e107131dcb5de
70fa7d6af1775ea7cbb76511f73b02a74a55c965b1956e7cc5ef3798871badca
7241fd620138faf28124dfe7856cbab2b97ee5905b27d86cf864ac2ca58c0704
72f5cb7273c103f1c2ceaf01f5ceb59c0c452e0c93ebb5e88df6e9eca1498510
736a5d1495d44823bd8d68b3a7359aa573cf2a574f8401d83aca9a00816e708e
7665a78398ac9159d54d1ebca3f257a5fbe564425cbef3492508e288c0439cb8
76dabf55e3078e74adefdc33f8b6eff8bb3a6213dc75b9770a66d5a2efaafd50
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
7b7d2fb6a1ae4508350d83ecd0c7e495178b49ffef3ee51dcc6fb8731f52e7f3
8056cb1dc61efa278eac29585bf75d4118502d5e0429cabdcdd311d2fbecfe6c
815a1227b64fb88f47b74b91e1379f84b23adcdecd7aa883974e12a2e445038b
826b30aab9d32ae24380ee3315d9c77e3ca461f32c73a9fd5e87b03c617c9da7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859ca09d35e47fed4262ed3230d408da83dc76731555d4a22663f8f54ab61b60
861a7f546a6b6cba4307c6f74136599a1e5e65fd0d4d831baaa72c46cbd4303c
8756fc296010be508913429f8624bf43b17f1685b71052495511058dbf9c7693
87b5199b58b097e2ec92938bf044b13fc1dd5dc3fcf16bc5e7f8b56859b9b30d
89af0bb6af72eb533322e596deb7238dcbafbbcbb566953222d339cec663ac7c
8b053b2fb86428fb09671accf4e899d71fd2ac3b14adf5f353435e2f6e7d7e1c
8ec4d333199c9e00f2d74e0302b46d04bf6534a5eb3e943f0afade70dd56d3ac
8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6
9507bd8b04ee11b5fde012b37daf115a293a1a4ff157817a955143fe88786d1f
96b25592c4d82216e0110448e9505cce0234abc350c17a39fa7caceb45d63a54
9a0e636d47dcf360c9613ef1ab13d8fca08f30698b508ccd58a986078cfb8c2c
9b144eb9360cd74529982ef7ce0b2cc4630de16ec5810f8281edebd3a00aa489
9ba57b1c8c3eb9cdb677bd07bef7acdaa326cc80ca004070607420b511016e92
9dd033d61e02c063b8187f8f28ea588391a4c6127e22c22f50dc003dd7402785
9de406e103c7dd9c3ac930b8de94113787c0b1bdc85f0df4d2e5fb9d1b4bf4ab
9e6e43cd0cff57e6fc851a9f897bfab6b41a84d0dac4789a800bc0717be9af2f
9f4f1d7abcc0736bf3c2a2acd22407f5cd35c93717c5c4084994e835bad77f34
a03f472cf09b3065a8c7bdf8e12fd98bfbca47f4bc4527cd0869e3a9556c696b
a050a3c304a3b0bf37143828706d3bd34a0699d13ca827e919f4600db52436e2
a5e0104d6421cf17fc1312b0190e7c5357a59c10dad1d9bbd3b48b1d3aa30985
a60f8217eb7a58d5c3b6869af0898fa3515f68313813f4d6918db3574c38fe99
a6608672b67f0941598aefcb6f43bc6cb5deee9ed3f4e7b9c38c0b6be1137cde
a6c945db83be989d633f3907401de4849f83d3d982b1f6f9d1517f2195db49ff
a6fb360360cb7b20b9cbab3efb77c449a28e62e9bc6c8bd0f7ffe6a7c7caaa5b
a894f0ad43876cac9f3a90993d69a16b9d858f7453587895378be06e8bd4f93c
ab2d6547f57b0c09659f377c3d9404164e10214f30dfdc8452505219720eca86
ac2687ccfdf53fa7da0dd271c1c90c3c6ac78d7c43c420a777b487f1d36987fa
ad53d5b9c9825d29034206941f077b896dff3f335afd59ba1e4da52e32c7435a
aedaf40884efa2217933bb42fb22aac1fe3b0bd1ea0415bfe201a6fa94d68812
af541fd9954b90e074496298934147b23d36e2837cbb5699f31902418df305bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f5b4961f8b88e8a881a4e4aa3678e5c2963c907953665e390cb1ed39426367
b2058ba588897349694add7be8272833725df68aa3189d5f64aef9c631860477
b27170653bb14a6d15c3d4c584b3e49be618baf2717d8129c32b16744d755e36
b318b43a62302eba28a5b555ac5bf701feb1c17717036f6ca1f4c706ad941a28
b5ceebabfae007853fb18a6940f95083cee9dcafa7891c103c27cf4411e29370
b6273e75080b0f348a773e73f53813c86795448824ecd42cc23ac366d35e20ec
b7185d3639d780da209bf5cf0e4c39017df400412bcd3bced5930d28e12adfc8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c107137d1af2c5b68310bf9b3b598d4ca7da3ddec657827f01cbb308efb8d193
c17379233fa328879cb537f60256435d745deaec2184d1eff31864b2bcf8b8c2
c936bab6447d59093b9f353ef7779430ae119ae03a0ab247e40a7ca5f2661f97
cb7d4b6defac029139f3ead2887c67528d65814ec12d46d6933590be69b39999
cb913a2a4ed3a4b752bdf98fecf64aa5dcf3f46f3fba2c89bc936e0e9d64bf18
cd7e336b2be92684acc4ad5f4aee2d7ef29c8fabe64f63b1709e2fe9360859cd
cdb9a87ef2c2d184ffc990fe214009de53329cafa4ae63d91b2ab4878feba269
cdd9258e1dff12b31b6033b9062f211ca59beba17e118ad46d2363b376b213d5
ce1fa55f73be7034974cf95ad72297f7e3a2adae69e23a7a2a58023f878f2b75
cf1a60e9d45aaff00e8e410bcecbeb3a2d23859ee2da52fff2fceda8c7bdce69
d139e63a31ed32f308b8ad343bcf4dfdc535fe8bda7bb7de6fac87255f26ff9c
d2694b2ec87b21b5f47912798a2d7f30a28956833e50ac1d6ee4db2935702a43
d5b60bf4d51231e778a1e628e709a16dbe59209f1b568ddb578bff691e3bce80
d682fe10a6dd5f826f84524261ba7463d4daeea019cd9c63f1b2612a3d02fcb3
da66774351177565f8ba7f02b7d1f322f0d04ec983659106c6e1206cb4738c92
daabae9c72338dac1d1227e4269fc43b20651e0ccbed5a3f9a45593250aa494e
db28549ce8498f3becd03d79342144db24baddef92bb5a8e9848c0cefda356e8
dbf75b2439fc8d49e8eb9405fb91bd40286c643adfb882abf1800ec525a0fa3d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7c1d5e1d2f0e6b471453b898655d1c38bce64114821f42bd9f7e7412f5644b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5241226dd12405879bb458ea98564b363310e2b7c2e7696e694180715f1b975
e5ea05b02331d33a86e7799d69319700efecbb3516377e34d018ee60cc49f7d9
e954ebcc501af41b14d99e5299d46ee6b6065a827a16726179e890d8917c8c5e
ebe0f5e505f28797efc909944709635b192249f85998c874d4301f2c21353074
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed008cabce5b88f6a4d603cb2f9bf32005ec1dbd1d80d95881898e232013ca7c
ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75
eefe2ebf1331b2a7ec6879e14a07d4f5d156770f35a963513b0e22b1842d5d46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3810b5992a5d12983e3d9f83d6de1adab980dc93fc6e49f7deb2c343cdd04bb
f40c3b015d6e8c72266faba574e542db76b3daa4caf1b78e0e7a238bde551734
f42c0f8f346250ff215abbf141f82ce17d469f20bb5f38f7a0bc234060ae7b6f
f5749f45aaca1e8b5ccdec6b1e56d6ad35aa73a2f2eeeccbddff58d2a4e9ad6e
f664aab265b6ec930e07568008e9f69aa235f907a77b7a757ebe9d865632d5ed
f80253a92d73b7a3287092b34118233df589b0452dae3df3d4abdea34a5a5a5e
f9ec88051dfedbbe20b837b44831a289610d506325c6b5bd6ad4725bfb03ef4e
fa0891ead8ab27cb24d82c1f726c3fd7a1389f74dd5b9dda6aeceb3f24678e0d
fa626a718dcdd89a9697c651e08e97b50716ec927e11f12faf682ee43d895f44
fc2cc7085b2b5476499ee07e07a88a3af1796896f04e18d585e983cad4278543
fdab92b87053737a75cce1e93dcfd750ded405bd8f44d0c2f309ba208d46e4ef
fdd7427bc5f31a03b9f70ecb10ee0ead32fc556a65671e84e807c446bab386e5
ffbbe56bf8e357b215eafea3a0c591db1bfb363bb956399f0d5a9c0398faca29

arileht.delfi.ee Open in urlscan Pro 172.67.28.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

93 %HTTPS

47 %IPv6

23 Domains

55 Subdomains

36 IPs

11 Countries

5435 kBTransfer

11783 kBSize

39 Cookies

23 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arileht.delfi.ee Open in urlscan Pro
172.67.28.62 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

93 %
HTTPS

47 %
IPv6

23
Domains

55
Subdomains

36
IPs

11
Countries

5435 kB
Transfer

11783 kB
Size

39
Cookies

206 HTTP transactions
1 data transactions